urlscan.io logo urlscan.io
SecurityTrails logo

zdorovia.com.ua Open in urlscan Pro
91.210.190.92  Public Scan

Go To Rescan Add Verdict Report
URL: http://zdorovia.com.ua/
Submission: On July 15 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 77 IPs in 16 countries across 77 domains to perform 508 HTTP transactions. The main IP is 91.210.190.92, located in Ukraine and belongs to AS-EKVIA, UA. The main domain is zdorovia.com.ua.
This is the only time zdorovia.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
57 91.210.190.92 48440 (AS-EKVIA)
1 2a00:1450:400... 15169 (GOOGLE)
16 2a03:90c0:41:... 199524 (GCORE)
2 104.18.2.81 13335 (CLOUDFLAR...)
2 4 88.212.202.52 39134 (UNITEDNET)
2 2a00:1450:400... 15169 (GOOGLE)
6 31 51.83.220.94 16276 (OVH)
1 3 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f11... 32934 (FACEBOOK)
1 1 193.239.68.97 39468 (BIGMIR-IN...)
1 193.239.71.100 39468 (BIGMIR-IN...)
26 2a03:2880:f01... 32934 (FACEBOOK)
1 2a03:2880:f06... 32934 (FACEBOOK)
4 21 146.0.227.110 20773 (GODADDY)
10 146.0.227.107 20773 (GODADDY)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 11 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 13 142.250.185.98 15169 (GOOGLE)
4 193.200.65.6 6681 (GIVEME-CLOUD)
9 12 185.89.210.20 29990 (ASN-APPNEX)
4 185.64.190.79 62713 (AS-PUBMATIC)
1 3 185.184.8.90 204995 (RTB-HOUSE...)
1 2 37.157.2.236 198622 (ADFORM)
4 23.227.146.194 55081 (24SHELLS)
10 51.75.86.98 16276 (OVH)
1 9 5.178.65.245 50673 (SERVERIUS-AS)
2 82.145.213.8 39832 (NO-OPERA)
2 2 18.156.0.31 16509 (AMAZON-02)
4 8.2.108.175 46636 (NATCOWEB)
6 6 35.211.178.172 19527 (GOOGLE-2)
1 1 198.24.170.53 19437 (SS-ASH)
1 3 194.247.175.26 196831 (BEMOBILE-AS)
2 2 104.18.19.126 13335 (CLOUDFLAR...)
2 2 188.42.196.115 7979 (SERVERS-COM)
2 2 199.115.119.227 30633 (LEASEWEB-...)
1 1 51.68.39.188 16276 (OVH)
2 34.98.67.61 15169 (GOOGLE)
4 72.251.249.14 29791 (VOXEL-DOT...)
2 8.2.110.206 46636 (NATCOWEB)
3 23.227.147.130 55081 (24SHELLS)
1 183.110.238.136 4766 (KIXS-AS-K...)
1 2 176.9.81.69 24940 (HETZNER-AS)
45 2a00:1450:400... 15169 (GOOGLE)
2 62.149.18.58 15497 (COLOCALL ...)
5 77.123.132.42 35680 (VOLIA)
4 66.155.71.150 13768 (COGECO-PEER1)
3 7 35.227.252.103 15169 (GOOGLE)
8 24 35.169.179.244 14618 (AMAZON-AES)
8 5.178.65.253 50673 (SERVERIUS-AS)
6 6 23.75.240.210 16625 (AKAMAI-AS)
12 23.205.235.133 16625 (AKAMAI-AS)
8 23.35.236.201 16625 (AKAMAI-AS)
4 205.234.175.175 23352 (SERVERCEN...)
19 2606:4700:10:... 13335 (CLOUDFLAR...)
2 3 35.227.248.159 15169 (GOOGLE)
4 5 37.157.3.29 198622 (ADFORM)
3 15.197.193.217 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 198.47.127.19 3257 (GTT-BACKB...)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 79.125.65.240 16509 (AMAZON-02)
1 18.198.126.47 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 34.111.131.239 15169 (GOOGLE)
2 2 185.86.137.110 201081 (SMARTADSE...)
2 6 52.213.127.205 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 54.229.168.160 16509 (AMAZON-02)
2 34.255.204.3 16509 (AMAZON-02)
1 168.119.79.223 24940 (HETZNER-AS)
2 2 151.101.194.49 54113 (FASTLY)
1 1 65.9.66.128 16509 (AMAZON-02)
1 1 54.166.21.101 14618 (AMAZON-AES)
1 2 52.95.115.255 16509 (AMAZON-02)
1 69.192.160.219 16625 (AKAMAI-AS)
4 4 52.215.200.154 16509 (AMAZON-02)
6 69.173.144.139 26667 (RUBICONPR...)
8 65.9.66.97 16509 (AMAZON-02)
4 51.15.145.115 12876 (Online SAS)
1 69.173.144.138 26667 (RUBICONPR...)
2 67.202.105.31 32748 (STEADFAST)
2 2 2606:4700::68... 13335 (CLOUDFLAR...)
4 26 23.227.139.243 55081 (24SHELLS)
3 3 213.19.147.45 3356 (LEVEL3)
3 3 54.74.201.126 16509 (AMAZON-02)
2 2a02:6ea0:c70... 60068 (CDN77 ^_^)
17 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 52.57.150.20 16509 (AMAZON-02)
33 2a00:1450:400... 15169 (GOOGLE)
1 69.173.144.165 26667 (RUBICONPR...)
2 2 37.157.2.238 198622 (ADFORM)
4 2a00:1450:400... 15169 (GOOGLE)
4 142.250.185.66 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
508 77
57    91.210.190.92 (Ukraine)

ASN48440 (AS-EKVIA, UA)
PTR: internetmedia.ua
zdorovia.com.ua
nashamama.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
16    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
scripts.go2net.com.ua
cdn.admixer.net
2    104.18.2.81 (None, )

ASN13335 (CLOUDFLARENET, US)
i.i.ua
r.i.ua
4    88.212.202.52 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru
counter.yadro.ru
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
31    51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro
a4p.adpartner.pro
3    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net
c.bigmir.net
1    193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua
i.bigmir.net
26    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net
1    2a03:2880:f067:e:face:b00c:0:3 (London, United Kingdom)

ASN32934 (FACEBOOK, US)
scontent-lcy1-1.xx.fbcdn.net
21    146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
10    146.0.227.107 (Ascension Island)

ASN20773 (GODADDY, DE)
ads.go2net.com.ua
1    2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
11    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
13    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
partner.googleadservices.com
4    193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team
m.trafmag.com
12    185.89.210.20 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
4    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    37.157.2.236 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
4    23.227.146.194 (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.adtelligent.com
10    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
9    5.178.65.245 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    8.2.108.175 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
6    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    198.24.170.53 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
3    194.247.175.26 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
pa.tns-ua.com
2    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
2    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    199.115.119.227 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.lemmatechnologies.com
1    51.68.39.188 (France)

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu
dsp.nrich.ai
2    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
4    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    8.2.110.206 (United States)

ASN46636 (NATCOWEB, US)
cs.mobfox.com
3    23.227.147.130 (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
1    183.110.238.136 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)
idsync.admixer.co.kr
2    176.9.81.69 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.69.81.9.176.clients.your-server.de
exchange.buzzoola.com
45    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    62.149.18.58 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: cc53243-01.cc.colocall.com
content.admixer.net
5    77.123.132.42 (Kyiv, Ukraine)

ASN35680 (VOLIA, UA)
PTR: 42.132.123.77.colo.static.dcvolia.com
file.adpartner.pro
4    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
7    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
24    35.169.179.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-179-244.compute-1.amazonaws.com
a.audrte.com
8    5.178.65.253 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
6    23.75.240.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
12    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
8    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    205.234.175.175 (Leesburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
19    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
3    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
5    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
3    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f18:6593:f607:76e2:e824:b454:65c8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
2    2a05:d018:24:b002:32a0:48fa:dc36:ac0b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    79.125.65.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-65-240.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
loadeu.exelator.com
1    85.114.159.118 (Sankt Georgen im Schwarzwald, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    34.111.131.239 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
2    185.86.137.110 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
6    52.213.127.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    54.229.168.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-168-160.eu-west-1.compute.amazonaws.com
aa.agkn.com
2    34.255.204.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-204-3.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    168.119.79.223 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.223.79.119.168.clients.your-server.de
sync.richaudience.com
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    65.9.66.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-128.fra56.r.cloudfront.net
engine.widespace.com
1    54.166.21.101 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-21-101.compute-1.amazonaws.com
usermatch.krxd.net
2    52.95.115.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
tags.bluekai.com
4    52.215.200.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-200-154.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
6    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
8    65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net
tags.crwdcntrl.net
4    51.15.145.115 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-15-145-115.rev.poneytelecom.eu
js.cookieless-data.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
2    67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
ic.tynt.com
2    2606:4700::6813:ac6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
26    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.adtelligent.com
sync.console.adtarget.com.tr
3    213.19.147.45 (Beverwijk, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
3    54.74.201.126 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-201-126.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    2a02:6ea0:c700::19 (United Kingdom)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
17    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.co.uk
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
5    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    52.57.150.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
ps.eyeota.net
33    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
4    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
78 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 128
tpc.googlesyndication.com — Cisco Umbrella Rank: 166
1 MB
54 zdorovia.com.ua
zdorovia.com.ua
1 MB
36 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 6935
file.adpartner.pro — Cisco Umbrella Rank: 236187
61 KB
29 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 138
cm.g.doubleclick.net — Cisco Umbrella Rank: 223
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313
135 KB
29 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 47445
inv-nets.admixer.net — Cisco Umbrella Rank: 3040
content.admixer.net — Cisco Umbrella Rank: 307162
2 MB
27 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 553
scontent-lcy1-1.xx.fbcdn.net — Cisco Umbrella Rank: 13320
294 KB
26 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1165
eus.rubiconproject.com — Cisco Umbrella Rank: 630
token.rubiconproject.com — Cisco Umbrella Rank: 787
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2473
pixel.rubiconproject.com — Cisco Umbrella Rank: 372
65 KB
26 adtelligent.com
s.adtelligent.com — Cisco Umbrella Rank: 4476
sync.adtelligent.com — Cisco Umbrella Rank: 3940
14 KB
24 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2561
25 KB
21 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 5165
s.e-planning.net — Cisco Umbrella Rank: 7755
u-ams02.e-planning.net — Cisco Umbrella Rank: 68283
i.e-planning.net — Cisco Umbrella Rank: 7805
13 KB
20 go2net.com.ua
scripts.go2net.com.ua
ads.go2net.com.ua — Cisco Umbrella Rank: 302665
314 KB
19 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1822
mwzeom.zeotap.com — Cisco Umbrella Rank: 1465
6 KB
16 google.com
www.google.com — Cisco Umbrella Rank: 17
adservice.google.com — Cisco Umbrella Rank: 103
4 KB
14 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 990
tags.crwdcntrl.net — Cisco Umbrella Rank: 1460
195 KB
14 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 632
ads.pubmatic.com — Cisco Umbrella Rank: 531
image6.pubmatic.com — Cisco Umbrella Rank: 684
47 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 257
10 KB
10 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 849
9 adform.net
adx.adform.net — Cisco Umbrella Rank: 3780
dmp.adform.net — Cisco Umbrella Rank: 4474
cm.adform.net — Cisco Umbrella Rank: 1718
3 KB
7 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1906
603 B
7 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 5067
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 5625
3 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 315
3 KB
6 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 2790
adservice.google.co.uk — Cisco Umbrella Rank: 4409
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 196
170 KB
4 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1095
5 KB
4 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 7340
2 KB
4 imrworldwide.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com — Cisco Umbrella Rank: 48850
856 B
4 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3672
764 B
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 731
1 KB
4 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 6028
516 B
4 trafmag.com
m.trafmag.com — Cisco Umbrella Rank: 94635
1 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
39 KB
4 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 8351
3 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 692
865 B
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 586
2 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 504
usermatch.krxd.net — Cisco Umbrella Rank: 1355
943 B
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 399
793 B
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 500
769 B
3 tns-ua.com
pa.tns-ua.com — Cisco Umbrella Rank: 113565
640 B
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 290
cms.analytics.yahoo.com — Cisco Umbrella Rank: 911
1 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 662
921 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 69
37 KB
3 nashamama.com
nashamama.com
40 KB
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
42 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 282
234 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 957
689 B
2 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 4681
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1071
725 B
2 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 3965
2 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1276
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 689
883 B
2 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1640
1 KB
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 35441
683 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 213
2 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1254
752 B
2 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 17949
543 B
2 mobfox.com
cs.mobfox.com — Cisco Umbrella Rank: 7994
1020 B
2 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1052
417 B
2 lemmatechnologies.com
sync.lemmatechnologies.com — Cisco Umbrella Rank: 5400
764 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2431
1 KB
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 505
2 KB
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2802
839 B
2 bigmir.net
c.bigmir.net — Cisco Umbrella Rank: 100243
i.bigmir.net — Cisco Umbrella Rank: 200978
1 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 107
53 KB
2 i.ua
i.i.ua — Cisco Umbrella Rank: 507685
r.i.ua — Cisco Umbrella Rank: 113501
4 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 350
fonts.googleapis.com — Cisco Umbrella Rank: 81
86 KB
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 538
145 B
1 widespace.com
engine.widespace.com — Cisco Umbrella Rank: 67673
480 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2010
361 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 492
532 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1776
596 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 8368
324 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 14680
411 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 702
161 B
1 admixer.co.kr
idsync.admixer.co.kr — Cisco Umbrella Rank: 6763
904 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3739
479 B
1 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 5126
615 B
0 com.ru Failed
adx.com.ru — Cisco Umbrella Rank: 51222 Failed
508 77
Domain Requested by
54 zdorovia.com.ua zdorovia.com.ua
45 pagead2.googlesyndication.com scripts.go2net.com.ua
pagead2.googlesyndication.com
file.adpartner.pro
zdorovia.com.ua
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
33 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
zdorovia.com.ua
31 a4p.adpartner.pro 6 redirects zdorovia.com.ua
a4p.adpartner.pro
26 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
24 a.audrte.com 8 redirects ads.us.e-planning.net
a.audrte.com
zdorovia.com.ua
s.adtelligent.com
22 sync.adtelligent.com 2 redirects s.adtelligent.com
ads.us.e-planning.net
s.console.adtarget.com.tr
21 inv-nets.admixer.net 4 redirects scripts.go2net.com.ua
zdorovia.com.ua
ads.us.e-planning.net
15 mwzeom.zeotap.com spl.zeotap.com
13 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
12 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
s.adtelligent.com
12 ib.adnxs.com 9 redirects zdorovia.com.ua
spl.zeotap.com
scripts.go2net.com.ua
11 cm.g.doubleclick.net 10 redirects spl.zeotap.com
11 www.google.com 2 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
10 onetag-sys.com ads.go2net.com.ua
ads.us.e-planning.net
s.adtelligent.com
10 ads.go2net.com.ua scripts.go2net.com.ua
zdorovia.com.ua
10 scripts.go2net.com.ua zdorovia.com.ua
scripts.go2net.com.ua
8 tags.crwdcntrl.net s.e-planning.net
tags.crwdcntrl.net
8 ads.pubmatic.com ads.us.e-planning.net
s.adtelligent.com
8 s.e-planning.net ads.us.e-planning.net
7 rtb.openx.net 3 redirects ads.us.e-planning.net
6 token.rubiconproject.com eus.rubiconproject.com
6 bcp.crwdcntrl.net 2 redirects tags.crwdcntrl.net
6 secure-assets.rubiconproject.com 6 redirects
6 x.bidswitch.net 6 redirects
6 cdn.admixer.net zdorovia.com.ua
scripts.go2net.com.ua
cdn.admixer.net
5 adservice.google.com pagead2.googlesyndication.com
5 adservice.google.co.uk pagead2.googlesyndication.com
5 dmp.adform.net 4 redirects spl.zeotap.com
5 file.adpartner.pro zdorovia.com.ua
a4p.adpartner.pro
5 ads.us.e-planning.net 1 redirects ads.go2net.com.ua
s.adtelligent.com
4 googleads4.g.doubleclick.net googleads.g.doubleclick.net
4 www.googletagservices.com googleads.g.doubleclick.net
4 sync.console.adtarget.com.tr 2 redirects s.console.adtarget.com.tr
4 ps.eyeota.net zdorovia.com.ua
s.adtelligent.com
4 js.cookieless-data.com s.e-planning.net
4 obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com 4 redirects
4 spl.zeotap.com ads.us.e-planning.net
4 i.e-planning.net ads.us.e-planning.net
4 u-ams02.e-planning.net ads.us.e-planning.net
4 pixel.sitescout.com ads.us.e-planning.net
4 ap.lijit.com zdorovia.com.ua
s.adtelligent.com
4 us.ck-ie.com zdorovia.com.ua
4 s.adtelligent.com ads.go2net.com.ua
s.adtelligent.com
4 image8.pubmatic.com zdorovia.com.ua
4 m.trafmag.com zdorovia.com.ua
4 www.facebook.com zdorovia.com.ua
static.xx.fbcdn.net
4 counter.yadro.ru 2 redirects zdorovia.com.ua
3 ad.360yield.com 3 redirects
3 sync.1rx.io 3 redirects
3 match.adsrvr.org spl.zeotap.com
s.adtelligent.com
3 pixel.tapad.com 2 redirects spl.zeotap.com
3 s.console.adtarget.com.tr zdorovia.com.ua
s.adtelligent.com
3 pa.tns-ua.com 1 redirects zdorovia.com.ua
scripts.go2net.com.ua
3 creativecdn.com 1 redirects zdorovia.com.ua
scripts.go2net.com.ua
3 www.google-analytics.com 1 redirects zdorovia.com.ua
a4p.adpartner.pro
3 nashamama.com zdorovia.com.ua
2 s0.2mdn.net googleads.g.doubleclick.net
2 cm.adform.net 2 redirects
2 partner.googleadservices.com pagead2.googlesyndication.com
2 vid.vidoomy.com s.adtelligent.com
2 csync.loopme.me 2 redirects
2 ic.tynt.com s.adtelligent.com
2 aax-eu.amazon-adsystem.com 1 redirects spl.zeotap.com
2 sync-tm.everesttech.net 2 redirects
2 beacon.krxd.net spl.zeotap.com
2 sync.smartadserver.com 2 redirects
2 idsync.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 image6.pubmatic.com spl.zeotap.com
ads.pubmatic.com
2 content.admixer.net zdorovia.com.ua
2 exchange.buzzoola.com 1 redirects zdorovia.com.ua
2 cs.mobfox.com zdorovia.com.ua
scripts.go2net.com.ua
2 odr.mookie1.com zdorovia.com.ua
spl.zeotap.com
2 sync.lemmatechnologies.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 t.adx.opera.com zdorovia.com.ua
scripts.go2net.com.ua
2 adx.adform.net 1 redirects zdorovia.com.ua
2 www.youtube.com zdorovia.com.ua
www.youtube.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.gstatic.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 pixel.rubiconproject.com eus.rubiconproject.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 engine.widespace.com 1 redirects
1 sync.richaudience.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 idsync.admixer.co.kr zdorovia.com.ua
1 dsp.nrich.ai 1 redirects
1 server.cpmstar.com 1 redirects
1 www.google.co.uk zdorovia.com.ua
1 stats.g.doubleclick.net 1 redirects
1 scontent-lcy1-1.xx.fbcdn.net www.facebook.com
zdorovia.com.ua
1 i.bigmir.net zdorovia.com.ua
1 c.bigmir.net 1 redirects
1 r.i.ua zdorovia.com.ua
1 i.i.ua zdorovia.com.ua
1 ajax.googleapis.com zdorovia.com.ua
0 adx.com.ru Failed zdorovia.com.ua
508 109

This site contains links to these domains. Also see Links.

Domain
vk.com
www.facebook.com
twitter.com
www.bigmir.net
www.i.ua
www.liveinternet.ru
Subject Issuer Validity Valid
*.go2net.com.ua
Sectigo RSA Domain Validation Secure Server CA		 2021-11-15 -
2022-12-05		 a year crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA		 2022-06-08 -
2023-06-21		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-04-23 -
2022-07-22		 3 months crt.sh
adpartner.pro
R3		 2022-06-14 -
2022-09-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-06-01 -
2022-08-30		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
ads.us.e-planning.net
R3		 2022-07-12 -
2022-10-10		 3 months crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-14 -
2023-06-14		 a year crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2021-11-12 -
2022-12-14		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.mobfox.com
R3		 2022-06-28 -
2022-09-26		 3 months crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-05-28 -
2022-08-26		 3 months crt.sh
*.admixer.co.kr
GeoTrust RSA CA 2018		 2022-04-29 -
2023-05-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.audrte.com
Amazon		 2022-02-24 -
2023-03-24		 a year crt.sh
*.e-planning.net
R3		 2022-05-17 -
2022-08-15		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2022-02-23 -
2023-02-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-04 -
2023-06-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-10		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.cookieless-data.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-23 -
2023-03-22		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-05-29 -
2022-08-27		 3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-06 -
2022-09-05		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
juke.mmi.tns-ua.com
R3		 2022-05-16 -
2022-08-14		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2022-03-18 -
2023-03-18		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
sync.console.adtarget.com.tr
R3		 2022-05-27 -
2022-08-25		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh

This page contains 113 frames:

Primary Page: http://zdorovia.com.ua/
Frame ID: B24BD5ABECB5EB961F5E0AC2870CF004
Requests: 136 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FZdoroviacomua%252F%26tabs%3Dtimeline%26width%3D300%26height%3D600%26small_header%3Dtrue%26adapt_container_width%3Dtrue%26hide_cover%3Dtrue%26show_facepile%3Dtrue%26appId%3D348298842028226
Frame ID: B6EF925BB7305A15C07F59FDDDC985AA
Requests: 39 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: 9AE74E923B267EA0D2658FDC988581FE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: A7D5C5D9EE585FF5614F52394DC30B29
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=441874ed-c09c-414b-9921-d5c96b8df727&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Frame ID: 4614E4E5510E6C41F0D2D3B40846E163
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=15007199967767714&apuid=e3459477-c829-457e-836f-f5a036560197&session_pageview=1&session_id=441874ed-c09c-414b-9921-d5c96b8df727&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: F85C6777029550502BE0E173CB79FEE3
Requests: 3 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=707176
Frame ID: 85BD5D46A3B8E561DE57174991F51280
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: 764EB78C0C79AE60CC65246F5829061C
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: 6AA82F801AD88E8F453D4A23544A4346
Requests: 13 HTTP requests in this frame

Frame: https://scripts.go2net.com.ua/scripts3/loader2.js
Frame ID: 8137AB3A0CF2EFF4795E05305D24938F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: AD15C2F0C4E483A7AB76C91810D8ED50
Requests: 8 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Frame ID: 0C06CB03200B6E5308D21B1D40432DED
Requests: 2 HTTP requests in this frame

Frame: https://content.admixer.net/test1/b9302d1f-8813-4b01-bc1e-b35b3abf1984/33ed3ee9-5008-4a55-8fac-ee7027ef5e1a.gif
Frame ID: 8A2C592C9F39302EA66466FBB8D59D07
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522e3459477-c829-457e-836f-f5a036560197%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25229a2e5c37-cd56-42e4-a9bc-b317af12bf6f%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A113%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25229a2e5c37-cd56-42e4-a9bc-b317af12bf6f%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Frame ID: 5E5339C64BAA9303319131D685431E2E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: D3A9219C5688088A517EF18B161AEE53
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Df2c5a682b01d5638%26uid%3D
Frame ID: F80F051CAEBF5713297F76CEE0832D0E
Requests: 2 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: AA820ACE82F395FAE92C089C8B2C85F5
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 2C74039F8941E572627D355DABF54106
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 0BB353B14FBC832A342F47BB85B44DCB
Requests: 28 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: 7303971353146706C1DE1EF61C454875
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: 72F2CA2CC30948D3B79F2ED1D9768230
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: BF27DA38B744F5596141AAB9681C077F
Requests: 8 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: BFCD507F4CC602D46EB1CD35D653AB07
Requests: 2 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AEkNB%2f7HoCrYZdka
Frame ID: ACE9B098350FBC3BE68771DE6652F3EC
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 8890A82FE6189A2BD9BD859D9906B611
Requests: 13 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: AD3B4C2997F5C1EBE4D4C7A5A8169FD0
Requests: 2 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 6377A2C374CCCE696FAA4BFAF9BB327E
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=a833012d-a343-4544-baa6-a0b5bac250ee
Frame ID: EDCE9DEE8666A413C5E7F3D82E71DD29
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 00C4908AB3DC8E57FCEE1A5981C8984E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 5C01DA68C28F8A4E7C3E171D91557273
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 28CB659E1E3BF67B644C767945B9DB11
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7012578570036581631
Frame ID: 9309F0A61D65D18F7AF1E8655B1E835D
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=2&session_id=441874ed-c09c-414b-9921-d5c96b8df727&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 9CC928A5B005A97713398CAC3ECC1DAC
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=e3459477-c829-457e-836f-f5a036560197&session_pageview=2&session_id=441874ed-c09c-414b-9921-d5c96b8df727&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 38F635A1DEBF7D4D53C47E77311B1972
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 86C6C3215E70618198D4C5F5A466712D
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Df2c5a682b01d5638%26uid%3D
Frame ID: 81E89BD16C95CDF0C9A2B8F7017FDC4C
Requests: 1 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 61CA6F7848F6AB1A26A275393276834D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 05161E09DDF67B19788DCEC53E4C9390
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 02B2FAE7B897E32A70383EE6D0D5E09D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/zrt_lookup.html
Frame ID: A4E9C267067C2F38893FF3EEF2AFE48F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 276849D506CC06AAC4F5406B4EF07E57
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: 6557D634F10D793ADC0F039F541C3A81
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: 0EDDE037448E9B5D2B74C8D93F73AE81
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 7873BD851EFE12AEC41FDAC580849A06
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AEkNB%2f7HoCrYZdka
Frame ID: 608B315C94620E68EFF21BD7BB37FB05
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Frame ID: CDCB997888FE3550AC774DD1490FF1CC
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=707176
Frame ID: 5B487DE4B49F075B5AAFC7F9BF14FCE0
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: 72DD6D32404E02E286829AECDBC11B24
Requests: 13 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: D76A4C1C6AEB94CA5A4B79A9A7FD6458
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 96B28583AFC4FA0D8C7F5207F0F9B982
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D1dd78631b92eb07e%26uid%3D
Frame ID: 76A4A894A99AB160304E3335FD0BE899
Requests: 1 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: CC205D3DFB1E1298C18B976039574E05
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: BE5F39B4C546724345B0403497D8FFCE
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 9B823752D20D49D9902A798CB401AEE4
Requests: 2 HTTP requests in this frame

Frame: https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_15007199967767714&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3De042d1bb27a551c6dce6ae9c57cb1edd
Frame ID: BA8D7A6DE9DFCD2014FE06B3598B590C
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1657860134&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860133961&bpp=6&bdt=726&idt=335&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&correlator=5267616142148&frm=23&ife=5&pv=2&ga_vid=1598207648.1657860133&ga_sid=1657860133&ga_hid=1761840337&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531605&oid=2&pvsid=1315195224944008&tmod=1529975537&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.s463gzszmyav&fsb=1&dtd=358
Frame ID: 2DA5778832AA49C61521913E0D9CB219
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522e3459477-c829-457e-836f-f5a036560197%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25229a2e5c37-cd56-42e4-a9bc-b317af12bf6f%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A113%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25229a2e5c37-cd56-42e4-a9bc-b317af12bf6f%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Frame ID: 906C1EA129C208B88282246538340446
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522e3459477-c829-457e-836f-f5a036560197%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25229a2e5c37-cd56-42e4-a9bc-b317af12bf6f%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A113%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25229a2e5c37-cd56-42e4-a9bc-b317af12bf6f%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Frame ID: 531A92D6A2AFDDD87B04ADDCF23DA3FD
Requests: 1 HTTP requests in this frame

Frame: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F7a91046b-a724-44a2-b72d-b4f852ec0c31%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTM0LCJzaG93X2lkIjoiN2E5MTA0NmItYTcyNC00NGEyLWI3MmQtYjRmODUyZWMwYzMxIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Dae525da9afff2277faee3363e936034e&showId=7a91046b-a724-44a2-b72d-b4f852ec0c31&apuid=e3459477-c829-457e-836f-f5a036560197
Frame ID: 424D438B949C1C8D3823336C6F6EA071
Requests: 8 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 8C2EFD7D69FD3839C87FEBE6E97AD1D7
Requests: 13 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 2318F0CDA902AAFF81BD1524BACFEC7D
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 68C322BB9785B112DAF4B85337AE143C
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7012578570036581631
Frame ID: 7F31AFF90EAD72DFF08CFFEC239E9D7F
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 8069E382ACBC8B1A64E3317E2B1D2641
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=a833012d-a343-4544-baa6-a0b5bac250ee
Frame ID: 5C8F9EB59C58F52A4BECF754966BE9D0
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: F070F8CC1DD4CE3652F38A4F23A59479
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 82183FCEC2BC63C631E74E8675D6E1E9
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522e3459477-c829-457e-836f-f5a036560197%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25227a91046b-a724-44a2-b72d-b4f852ec0c31%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A113%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25227a91046b-a724-44a2-b72d-b4f852ec0c31%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: 616EFB87AB400216A514BB5598FE54CE
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522e3459477-c829-457e-836f-f5a036560197%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25227a91046b-a724-44a2-b72d-b4f852ec0c31%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A113%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25227a91046b-a724-44a2-b72d-b4f852ec0c31%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: 0C9B7F64A4C810F43B27BF94D68BC738
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=3&session_id=441874ed-c09c-414b-9921-d5c96b8df727&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: A9C78D5EC31D10607594DDB543473D43
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=e3459477-c829-457e-836f-f5a036560197&session_pageview=3&session_id=441874ed-c09c-414b-9921-d5c96b8df727&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 8C45CB5DE50724AB7A5068FE858430ED
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1657860134&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860134196&bpp=3&bdt=683&idt=341&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&correlator=5267616142148&frm=23&ife=5&pv=1&ga_vid=1598207648.1657860133&ga_sid=1657860133&ga_hid=189203386&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=905&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068380&oid=2&pvsid=1381346131763052&tmod=1695988899&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.ovc32558bph&fsb=1&dtd=397
Frame ID: 656D9990639AE4290F485F6596688BCE
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 776FDED2D6F61199B38745020720C24C
Requests: 2 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AEkNB%2f7HoCrYZdka
Frame ID: B3EF06B2D1FAC5415810281CF3CA82CB
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=8263187426641512786
Frame ID: 30FC70EC9E9F1F0C7D0630787C750A32
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 416A4A0CC160523242312522D73C0A04
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D1dd78631b92eb07e%26uid%3D
Frame ID: 3E734484DDF5EDDD64520A0E942196C1
Requests: 1 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: D4B49F429624EBBA538A28DD74363EDC
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: E2EFA2C9679D1C2EFB4EDA00BF3C86A1
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: B16380BC9CF1CEF9EBABBA5BA57DE071
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: 659ACA5BBB9A2EF7D42D959234E83A7E
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: A22D85BC8C15F81658536F232A2F5D6F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: CCC35E84F475069313B0CB97DC32274B
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=8263187426641512786
Frame ID: 43D0BFAA32269CC26B7A4B1E234E726D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F30FC4CD5F0852BA37D310FAE3DF1DBD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1FE4DF80B996A34CC17786C77957674B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112188&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_15007199967767714%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253De042d1bb27a551c6dce6ae9c57cb1edd&wgl=1&dt=1657860134716&bpp=14&bdt=307&idt=185&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&correlator=1989006315182&frm=22&ife=1&pv=2&ga_vid=312782414.1657860135&ga_sid=1657860135&ga_hid=1346745249&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=3162089807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068106%2C31068419%2C44768689&oid=2&pvsid=699737011385212&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.vzvnrzxcie2z&fsb=1&xpc=86z9VKqpSl&p=https%3A//file.adpartner.pro&dtd=203
Frame ID: 34CB82BA0F4730BAC13061FD5A21B203
Requests: 15 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 5248DF353416D90FC2BCBADCD85F6388
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AEkNB%2f7HoCrYZdka
Frame ID: A26822EBACCF18D8EC4F63B860FDA913
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959009&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_15007199967767714%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253De042d1bb27a551c6dce6ae9c57cb1edd&wgl=1&dt=1657860134872&bpp=5&bdt=463&idt=71&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=1989006315182&frm=22&ife=1&pv=1&ga_vid=312782414.1657860135&ga_sid=1657860135&ga_hid=1346745249&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=3162089807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068106%2C31068419%2C44768689&oid=2&pvsid=699737011385212&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.g2dm9jf5w13r&fsb=1&xpc=J9GHSY6I77&p=https%3A//file.adpartner.pro&dtd=75
Frame ID: FF239127486CBC3FA6E7747D102C0D50
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820319&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860134802&bpp=12&bdt=290&idt=164&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8765206329774&frm=8&ife=1&pv=2&ga_vid=1818282951.1657860135&ga_sid=1657860135&ga_hid=460659725&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3469347216&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067527%2C31068380%2C42531607%2C31064019&oid=2&pvsid=3234578668043569&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.5rtng8mh6f8r&fsb=1&dtd=180
Frame ID: 3943E12CD263F512B53C2863CDBC06E8
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1180501F5306894E0652747A866A8889
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4CC78709292495BEA2450E40C30F40FD
Requests: 2 HTTP requests in this frame

Frame: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2Fe3a60e77-76e5-48b3-b93e-14fe5a62282e%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTM0LCJzaG93X2lkIjoiZTNhNjBlNzctNzZlNS00OGIzLWI5M2UtMTRmZTVhNjIyODJlIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Daa44086e06f152bbc08c713bafd9b4f4&showId=e3a60e77-76e5-48b3-b93e-14fe5a62282e&apuid=e3459477-c829-457e-836f-f5a036560197
Frame ID: 8EACBBC360645401580D72F3DED2EC36
Requests: 8 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522e3459477-c829-457e-836f-f5a036560197%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522e3a60e77-76e5-48b3-b93e-14fe5a62282e%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A113%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522e3a60e77-76e5-48b3-b93e-14fe5a62282e%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: BF9CB6E1E11D5A80BB3F7EF2861FAF51
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522e3459477-c829-457e-836f-f5a036560197%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522e3a60e77-76e5-48b3-b93e-14fe5a62282e%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A113%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522e3a60e77-76e5-48b3-b93e-14fe5a62282e%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: 28C3FB49C0A754804F75D2F20413460E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe68vACEPGq8qgDGLuStcgBMAE&v=APEucNW6uYrtKrpl-FQ1wvov3mg0A1Lfgg0HIFi3obZtT6RfKv9kUe0Z-Iindi6MeI7E4ArKy-EZ3wcgx-zTNQ-m2Bn1zdN_fw
Frame ID: 3BCCB9EB0D7EA636420DFD070D7CBD93
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe68vACEPGq8qgDGLuStcgBMAE&v=APEucNU5tdBeHSQGUxas9UXkp8JfOjAm_MRXLFGSsx7wCQ06UiuJ_QfjfO0EeAcvewPKC0njGxHhPHWzH3knDx2qMKlaOKPxFA
Frame ID: FBA4488FAEFD0FB20389BE18E98FCDB1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820292&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860135184&bpp=14&bdt=96&idt=144&shv=r20220707&mjsv=m202207130101&ptt=5&saldr=sa&correlator=3746731210798&frm=8&ife=1&pv=2&ga_vid=1359018420.1657860135&ga_sid=1657860135&ga_hid=439614182&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=720568846&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31068443%2C42531608%2C21065725%2C31064019&oid=2&pvsid=757850537271338&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.7r0ob7jyppug&fsb=1&dtd=160
Frame ID: 2683F96942169EFA04FA29488CF82B78
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9E7882ACAA79C9FBEE41E97F1E2C5D50
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EE1BCAE7EA66984747CA1D68F8FDE92A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CB484142A40907861316D92D33B59E5A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
Frame ID: F5A500356BACB38FF6685EBD0B4608C3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
Frame ID: 97AAC867AE73870140419C176E0B522D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9447084A123890B434132C845B2256A0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F8230BA2D506AE26E10E5B216C357006
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4FC7BE3B2D9DCD492EE99D00191028AC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3C81896EC230D3EA246DF5E0F85C5D84
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BB9902C2B3D13FC742B11E47B9F4A913
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5B486E2B3FC9634F069D1E9951B878FC
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=10&apuid=e3459477-c829-457e-836f-f5a036560197&session_pageview=1&session_id=441874ed-c09c-414b-9921-d5c96b8df727&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Frame ID: 3737DB0559C7DE8A3323F3395ED0C378
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=10&apuid=e3459477-c829-457e-836f-f5a036560197&session_pageview=2&session_id=441874ed-c09c-414b-9921-d5c96b8df727&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: EE4F4D1B35D416E7EAAD063DF7FE956C
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=10&apuid=e3459477-c829-457e-836f-f5a036560197&session_pageview=3&session_id=441874ed-c09c-414b-9921-d5c96b8df727&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 62BD59A8C87A8C7B77014E2769D0AAD3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Новини здоров'я, лікування та здорового харчування та очищення

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

508
Requests

74 %
HTTPS

26 %
IPv6

77
Domains

109
Subdomains

77
IPs

16
Countries

6804 kB
Transfer

11660 kB
Size

110
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58
  • http://a4p.adpartner.pro/branding?id=1550&0.9066716552469916 HTTP 301
  • https://a4p.adpartner.pro/branding?id=1550&0.9066716552469916
Request Chain 59
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 60
  • http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.4748768962674601 HTTP 302
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.4748768962674601 HTTP 302
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.4748768962674601
Request Chain 68
  • http://c.bigmir.net/?v16918126&s16916513&t1&c1&n529776&w0&y0&d24&r1600 HTTP 302
  • http://i.bigmir.net/cnt/01.png
Request Chain 90
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=758121610&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%27%D1%8F%2C%20%D0%BB%D1%96%D0%BA%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%85%D0%B0%D1%80%D1%87%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%BE%D1%87%D0%B8%D1%89%D0%B5%D0%BD%D0%BD%D1%8F&utmhid=457430088&utmr=-&utmp=%2F&utmht=1657860132863&utmac=UA-37123827-1&utmcc=__utma%3D148597372.1598207648.1657860133.1657860133.1657860133.1%3B%2B__utmz%3D148597372.1657860133.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1934097783&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=758121610&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%27%D1%8F%2C%20%D0%BB%D1%96%D0%BA%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%85%D0%B0%D1%80%D1%87%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%BE%D1%87%D0%B8%D1%89%D0%B5%D0%BD%D0%BD%D1%8F&utmhid=457430088&utmr=-&utmp=%2F&utmht=1657860132863&utmac=UA-37123827-1&utmcc=__utma%3D148597372.1598207648.1657860133.1657860133.1657860133.1%3B%2B__utmz%3D148597372.1657860133.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1934097783&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37123827-1&cid=1598207648.1657860133&jid=1934097783&_v=5.7.2&z=758121610 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1598207648.1657860133&jid=1934097783&_v=5.7.2&z=758121610 HTTP 302
  • https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1598207648.1657860133&jid=1934097783&_v=5.7.2&z=758121610&slf_rd=1&random=750912441
Request Chain 101
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=NjViYmJmZjljNjE3NDg1NWEzZDQ4NGMyNTc4OTkzMTY=&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=NjViYmJmZjljNjE3NDg1NWEzZDQ4NGMyNTc4OTkzMTY=&google_cm=&google_tc= HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEPmS1C_UtPyBU0sMzbtx94Y&google_cver=1
Request Chain 102
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NjViYmJmZjljNjE3NDg1NWEzZDQ4NGMyNTc4OTkzMTY=&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NjViYmJmZjljNjE3NDg1NWEzZDQ4NGMyNTc4OTkzMTY=&google_cm=&google_tc= HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEB_hmzahNwDa8lXlGK_AUsw&google_cver=1 HTTP 302
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=65bbbff9c6174855a3d484c257899316
Request Chain 103
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm=&google_tc= HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEGAaS3WnRmnGnnDbbC-pvJ0&google_cver=1 HTTP 302
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=65bbbff9c6174855a3d484c257899316
Request Chain 104
  • https://ib.adnxs.com/setuid?entity=533&code=65bbbff9c6174855a3d484c257899316 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D65bbbff9c6174855a3d484c257899316
Request Chain 106
  • https://creativecdn.com/cm-notify?pi=admixer HTTP 302
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
Request Chain 108
  • https://adx.adform.net/adx/?rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_242078&url=http%3A%2F%2Fzdorovia.com.ua%2F HTTP 302
  • https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_242078&url=http%3A%2F%2Fzdorovia.com.ua%2F
Request Chain 111
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Request Chain 113
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=e3459477-c829-457e-836f-f5a036560197
Request Chain 114
  • https://ups.analytics.yahoo.com/ups/58613/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-bRHFU09E2uG_RCBvjwhl_VmSkMWKJNMgJZUBcZ0-~A
Request Chain 118
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=65bbbff9c6174855a3d484c257899316&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=65bbbff9c6174855a3d484c257899316&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=45cccbf5-6903-473b-a282-e274468999e8&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dadmixer%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=admixer&user_id=L5yCkZkr7Sz75cqrn0Gs0 HTTP 302
  • https://inv-nets.admixer.net/bs/cm.aspx?id=45cccbf5-6903-473b-a282-e274468999e8&gdpr=&consent=&gdpr_pd=
Request Chain 119
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=65bbbff9c6174855a3d484c257899316 HTTP 302
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z990072CE391491297E74A2FC3EE00AE&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=65bbbff9c6174855a3d484c257899316
Request Chain 120
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YtDwJfvh_34KJV1Ax-Fd0wAACiUAAAAB
Request Chain 121
  • https://rtb.com.ru/admixer-sync?uid=65bbbff9c6174855a3d484c257899316 HTTP 302
  • https://rtb.com.ru/sync?noRedirect=&sspKey=36&sspUserID=65bbbff9c6174855a3d484c257899316 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=62d0f02505f708479ac249f0&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D62d0f02505f708479ac249f0%26duid%3D%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D62d0f02505f708479ac249f0%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D62d0f02505f708479ac249f0%252526i%25253D7119399360667410799%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D62d0f02505f708479ac249f0%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D62d0f02505f708479ac249f0%2525252526nc%252525253D4020588395831498425%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D62d0f02505f708479ac249f0%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252FxLfmfLC7CYuqPY3fMXyGqW%2525252525253Fsign%2525252525253D293192260%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Ftop-fwz1.mail.ru%252525252525252Fcounter%252525252525253Fid%252525252525253D3138228%252525252525253Bpid%252525252525253D62d0f02505f708479ac249f0 HTTP 302
  • https://rtb.com.ru/adx-sync?r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D62d0f02505f708479ac249f0%26duid%3D%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D62d0f02505f708479ac249f0%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D62d0f02505f708479ac249f0%252526i%25253D7119399360667410799%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D62d0f02505f708479ac249f0%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D62d0f02505f708479ac249f0%2525252526nc%252525253D4020588395831498425%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D62d0f02505f708479ac249f0%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252FxLfmfLC7CYuqPY3fMXyGqW%2525252525253Fsign%2525252525253D293192260%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Ftop-fwz1.mail.ru%252525252525252Fcounter%252525252525253Fid%252525252525253D3138228%252525252525253Bpid%252525252525253D62d0f02505f708479ac249f0&google_gid=CAESEIe_p3YMnOpZj-cbuwVeEC0&google_cver=1 HTTP 302
  • https://prodmp.ru/refocus.gif?dsp_provider_id=2&uid=62d0f02505f708479ac249f0&duid=&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62d0f02505f708479ac249f0%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D62d0f02505f708479ac249f0%2526i%253D7119399360667410799%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D62d0f02505f708479ac249f0%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D62d0f02505f708479ac249f0%25252526nc%2525253D4020588395831498425%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D62d0f02505f708479ac249f0%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252FxLfmfLC7CYuqPY3fMXyGqW%25252525253Fsign%25252525253D293192260%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D62d0f02505f708479ac249f0 HTTP 302
  • https://counter.yadro.ru/id127/refocusdmp-id.gif?uid=62d0f02505f708479ac249f0&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62d0f02505f708479ac249f0%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D62d0f02505f708479ac249f0%2526i%253D7119399360667410799%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D62d0f02505f708479ac249f0%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D62d0f02505f708479ac249f0%25252526nc%2525253D4020588395831498425%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D62d0f02505f708479ac249f0%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252FxLfmfLC7CYuqPY3fMXyGqW%25252525253Fsign%25252525253D293192260%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D62d0f02505f708479ac249f0&dsp_provider_id=2 HTTP 302
  • https://prodmp.ru/li?guid=3115290F05220F325EB5&uid=62d0f02505f708479ac249f0&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62d0f02505f708479ac249f0%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D62d0f02505f708479ac249f0%2526i%253D7119399360667410799%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D62d0f02505f708479ac249f0%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D62d0f02505f708479ac249f0%25252526nc%2525253D4020588395831498425%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D62d0f02505f708479ac249f0%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252FxLfmfLC7CYuqPY3fMXyGqW%25252525253Fsign%25252525253D293192260%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D62d0f02505f708479ac249f0&dsp_provider_id=2 HTTP 302
  • https://an.yandex.ru/mapuid/dmpmediadesk/62d0f02505f708479ac249f0?sign=91e82851&location=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62d0f02505f708479ac249f0%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D62d0f02505f708479ac249f0%2526i%253D7119399360667410799%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D62d0f02505f708479ac249f0%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D62d0f02505f708479ac249f0%25252526nc%2525253D4020588395831498425%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D62d0f02505f708479ac249f0%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252FxLfmfLC7CYuqPY3fMXyGqW%25252525253Fsign%25252525253D293192260%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D62d0f02505f708479ac249f0 HTTP 302
  • https://an.yandex.ru/mapuid/dmpmediadesk/62d0f02505f708479ac249f0?redir-setuniq=1&sign=91e82851&location=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62d0f02505f708479ac249f0%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D62d0f02505f708479ac249f0%2526i%253D7119399360667410799%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D62d0f02505f708479ac249f0%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D62d0f02505f708479ac249f0%25252526nc%2525253D4020588395831498425%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D62d0f02505f708479ac249f0%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252FxLfmfLC7CYuqPY3fMXyGqW%25252525253Fsign%25252525253D293192260%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D62d0f02505f708479ac249f0 HTTP 302
  • https://x01.aidata.io/0.gif?pid=6472613&id=62d0f02505f708479ac249f0&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D62d0f02505f708479ac249f0%26i%3D7119399360667410799%26r%3Dhttps%253A%252F%252Fsync.1dmp.io%252Fpixel.gif%253Fcid%253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%2526pid%253Dw%2526uid%253D62d0f02505f708479ac249f0%2526ru%253Dhttps%25253A%25252F%25252Fcm.p.altergeo.ru%25252Fspnd%25253Faid%25253D62d0f02505f708479ac249f0%252526nc%25253D4020588395831498425%252526url%25253Dhttps%2525253A%2525252F%2525252Fadx.com.ru%2525252Fadspend-sync%2525253Fuid%2525253D62d0f02505f708479ac249f0%25252526r%2525253Dhttps%252525253A%252525252F%252525252Fan.yandex.ru%252525252Fsetud%252525252Fadspend%252525252FxLfmfLC7CYuqPY3fMXyGqW%252525253Fsign%252525253D293192260%2525252526location%252525253Dhttps%25252525253A%25252525252F%25252525252Ftop-fwz1.mail.ru%25252525252Fcounter%25252525253Fid%25252525253D3138228%25252525253Bpid%25252525253D62d0f02505f708479ac249f0 HTTP 302
  • https://x01.aidata.io/0.gif?pid=6472613&id=62d0f02505f708479ac249f0&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D62d0f02505f708479ac249f0%26i%3D7119399360667410799%26r%3Dhttps%253A%252F%252Fsync.1dmp.io%252Fpixel.gif%253Fcid%253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%2526pid%253Dw%2526uid%253D62d0f02505f708479ac249f0%2526ru%253Dhttps%25253A%25252F%25252Fcm.p.altergeo.ru%25252Fspnd%25253Faid%25253D62d0f02505f708479ac249f0%252526nc%25253D4020588395831498425%252526url%25253Dhttps%2525253A%2525252F%2525252Fadx.com.ru%2525252Fadspend-sync%2525253Fuid%2525253D62d0f02505f708479ac249f0%25252526r%2525253Dhttps%252525253A%252525252F%252525252Fan.yandex.ru%252525252Fsetud%252525252Fadspend%252525252FxLfmfLC7CYuqPY3fMXyGqW%252525253Fsign%252525253D293192260%2525252526location%252525253Dhttps%25252525253A%25252525252F%25252525252Ftop-fwz1.mail.ru%25252525252Fcounter%25252525253Fid%25252525253D3138228%25252525253Bpid%25252525253D62d0f02505f708479ac249f0&bounce=1 HTTP 302
  • https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=62d0f02505f708479ac249f0&i=7119399360667410799&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D62d0f02505f708479ac249f0%26ru%3Dhttps%253A%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D62d0f02505f708479ac249f0%2526nc%253D4020588395831498425%2526url%253Dhttps%25253A%25252F%25252Fadx.com.ru%25252Fadspend-sync%25253Fuid%25253D62d0f02505f708479ac249f0%252526r%25253Dhttps%2525253A%2525252F%2525252Fan.yandex.ru%2525252Fsetud%2525252Fadspend%2525252FxLfmfLC7CYuqPY3fMXyGqW%2525253Fsign%2525253D293192260%25252526location%2525253Dhttps%252525253A%252525252F%252525252Ftop-fwz1.mail.ru%252525252Fcounter%252525253Fid%252525253D3138228%252525253Bpid%252525253D62d0f02505f708479ac249f0 HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/224/i/i?call_source=awg&a=224&e=62d0f02505f708479ac249f0&i=7119399360667410799&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D62d0f02505f708479ac249f0%26ru%3Dhttps%253A%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D62d0f02505f708479ac249f0%2526nc%253D4020588395831498425%2526url%253Dhttps%25253A%25252F%25252Fadx.com.ru%25252Fadspend-sync%25253Fuid%25253D62d0f02505f708479ac249f0%252526r%25253Dhttps%2525253A%2525252F%2525252Fan.yandex.ru%2525252Fsetud%2525252Fadspend%2525252FxLfmfLC7CYuqPY3fMXyGqW%2525253Fsign%2525253D293192260%25252526location%2525253Dhttps%252525253A%252525252F%252525252Ftop-fwz1.mail.ru%252525252Fcounter%252525253Fid%252525253D3138228%252525253Bpid%252525253D62d0f02505f708479ac249f0 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=crossmedia_ddp&google_cm=&code=224&ts=pnM5-aOMZQuTuoK7u7yY&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D62d0f02505f708479ac249f0%26ru%3Dhttps%253A%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D62d0f02505f708479ac249f0%2526nc%253D4020588395831498425%2526url%253Dhttps%25253A%25252F%25252Fadx.com.ru%25252Fadspend-sync%25253Fuid%25253D62d0f02505f708479ac249f0%252526r%25253Dhttps%2525253A%2525252F%2525252Fan.yandex.ru%2525252Fsetud%2525252Fadspend%2525252FxLfmfLC7CYuqPY3fMXyGqW%2525253Fsign%2525253D293192260%25252526location%2525253Dhttps%252525253A%252525252F%252525252Ftop-fwz1.mail.ru%252525252Fcounter%252525253Fid%252525253D3138228%252525253Bpid%252525253D62d0f02505f708479ac249f0 HTTP 302
  • https://dmg.digitaltarget.ru/awg/7162?a=155&e=CAESEJ1a_V3-odYlh7juoTIc_Jg&ver=1&google_error=&code=224&ts=pnM5-aOMZQuTuoK7u7yY&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D62d0f02505f708479ac249f0%26ru%3Dhttps%253A%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D62d0f02505f708479ac249f0%2526nc%253D4020588395831498425%2526url%253Dhttps%25253A%25252F%25252Fadx.com.ru%25252Fadspend-sync%25253Fuid%25253D62d0f02505f708479ac249f0%252526r%25253Dhttps%2525253A%2525252F%2525252Fan.yandex.ru%2525252Fsetud%2525252Fadspend%2525252FxLfmfLC7CYuqPY3fMXyGqW%2525253Fsign%2525253D293192260%25252526location%2525253Dhttps%252525253A%252525252F%252525252Ftop-fwz1.mail.ru%252525252Fcounter%252525253Fid%252525253D3138228%252525253Bpid%252525253D62d0f02505f708479ac249f0 HTTP 307
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=62d0f02505f708479ac249f0&ru=https%3A%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D62d0f02505f708479ac249f0%26nc%3D4020588395831498425%26url%3Dhttps%253A%252F%252Fadx.com.ru%252Fadspend-sync%253Fuid%253D62d0f02505f708479ac249f0%2526r%253Dhttps%25253A%25252F%25252Fan.yandex.ru%25252Fsetud%25252Fadspend%25252FxLfmfLC7CYuqPY3fMXyGqW%25253Fsign%25253D293192260%252526location%25253Dhttps%2525253A%2525252F%2525252Ftop-fwz1.mail.ru%2525252Fcounter%2525253Fid%2525253D3138228%2525253Bpid%2525253D62d0f02505f708479ac249f0 HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=62d0f02505f708479ac249f0&ru=https%3A%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D62d0f02505f708479ac249f0%26nc%3D4020588395831498425%26url%3Dhttps%253A%252F%252Fadx.com.ru%252Fadspend-sync%253Fuid%253D62d0f02505f708479ac249f0%2526r%253Dhttps%25253A%25252F%25252Fan.yandex.ru%25252Fsetud%25252Fadspend%25252FxLfmfLC7CYuqPY3fMXyGqW%25253Fsign%25253D293192260%252526location%25253Dhttps%2525253A%2525252F%2525252Ftop-fwz1.mail.ru%2525252Fcounter%2525253Fid%2525253D3138228%2525253Bpid%2525253D62d0f02505f708479ac249f0&cs=1 HTTP 302
  • https://cm.p.altergeo.ru/spnd?aid=62d0f02505f708479ac249f0&nc=4020588395831498425&url=https%3A%2F%2Fadx.com.ru%2Fadspend-sync%3Fuid%3D62d0f02505f708479ac249f0%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fsetud%252Fadspend%252FxLfmfLC7CYuqPY3fMXyGqW%253Fsign%253D293192260%2526location%253Dhttps%25253A%25252F%25252Ftop-fwz1.mail.ru%25252Fcounter%25253Fid%25253D3138228%25253Bpid%25253D62d0f02505f708479ac249f0 HTTP 302
  • https://cm.p.altergeo.ru/spnd?aid=62d0f02505f708479ac249f0&nc=4020588395831498425&url=https%3A%2F%2Fadx.com.ru%2Fadspend-sync%3Fuid%3D62d0f02505f708479ac249f0%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fsetud%252Fadspend%252FxLfmfLC7CYuqPY3fMXyGqW%253Fsign%253D293192260%2526location%253Dhttps%25253A%25252F%25252Ftop-fwz1.mail.ru%25252Fcounter%25253Fid%25253D3138228%25253Bpid%25253D62d0f02505f708479ac249f0&cc=1 HTTP 302
  • https://adx.com.ru/adspend-sync?uid=62d0f02505f708479ac249f0&r=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2FxLfmfLC7CYuqPY3fMXyGqW%3Fsign%3D293192260%26location%3Dhttps%253A%252F%252Ftop-fwz1.mail.ru%252Fcounter%253Fid%253D3138228%253Bpid%253D62d0f02505f708479ac249f0 HTTP 302
  • https://adx.com.ru/adspend-sync?confirm=true&r=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2FxLfmfLC7CYuqPY3fMXyGqW%3Fsign%3D293192260%26location%3Dhttps%253A%252F%252Ftop-fwz1.mail.ru%252Fcounter%253Fid%253D3138228%253Bpid%253D62d0f02505f708479ac249f0&uid=62d0f02505f708479ac249f0
Request Chain 122
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=434aa4f8-8d41-52c4-8d0d-e575efdd1550
Request Chain 123
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3D65bbbff9c6174855a3d484c257899316 HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=7f1c7e50-03f8-11ed-8d99-801844df107c HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=lemma&bsw_custom_parameter=45cccbf5-6903-473b-a282-e274468999e8&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=5357c672-9dd0-4579-8afd-e0b229d2198a&expires=1&user_group=2&ssp=lemma&bsw_param=45cccbf5-6903-473b-a282-e274468999e8 HTTP 302
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=45cccbf5-6903-473b-a282-e274468999e8 HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=7f1c7e50-03f8-11ed-8d99-801844df107c HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=45cccbf5-6903-473b-a282-e274468999e8&ssp=lemma&gdpr=&gdpr_consent=
Request Chain 130
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=65bbbff9c6174855a3d484c257899316 HTTP 307
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=65bbbff9c6174855a3d484c257899316
Request Chain 134
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434 HTTP 301
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Request Chain 148
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Df2c5a682b01d5638%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=f2c5a682b01d5638&uid=7012578570036581631
Request Chain 150
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 162
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da45e46b2-d097-4464-52dd-fc19d41675f1%26reqId%3D6965f34f-541c-4a57-5038-09813194db31%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da45e46b2-d097-4464-52dd-fc19d41675f1%26reqId%3D6965f34f-541c-4a57-5038-09813194db31%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=0e894567-2a42-4f4e-8fa3-9ca12336b0b9&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Request Chain 168
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=e11036df-95b7-47e9-8223-e4ac4286451a&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 169
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=a45e46b2-d097-4464-52dd-fc19d41675f1&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da45e46b2-d097-4464-52dd-fc19d41675f1%26reqId%3D6965f34f-541c-4a57-5038-09813194db31%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=a45e46b2-d097-4464-52dd-fc19d41675f1&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da45e46b2-d097-4464-52dd-fc19d41675f1%26reqId%3D6965f34f-541c-4a57-5038-09813194db31%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=87518306800439974270304140451458610651&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Request Chain 171
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da45e46b2-d097-4464-52dd-fc19d41675f1%26reqId%3D6965f34f-541c-4a57-5038-09813194db31%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7120455052589660315&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Request Chain 173
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a45e46b2-d097-4464-52dd-fc19d41675f1&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da45e46b2-d097-4464-52dd-fc19d41675f1%26reqId%3D6965f34f-541c-4a57-5038-09813194db31%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a45e46b2-d097-4464-52dd-fc19d41675f1&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da45e46b2-d097-4464-52dd-fc19d41675f1%26reqId%3D6965f34f-541c-4a57-5038-09813194db31%26zdid%3D1361&bounce=1&random=3127271395 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=fqkbeDFg8JB4Oc/q.ihJBu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Request Chain 174
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da45e46b2-d097-4464-52dd-fc19d41675f1%26reqId%3D6965f34f-541c-4a57-5038-09813194db31%26zdid%3D1361 HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361&cklb=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=
Request Chain 175
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=a45e46b2-d097-4464-52dd-fc19d41675f1?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=a45e46b2-d097-4464-52dd-fc19d41675f1?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Request Chain 176
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-Cxc.mvZE2oqgwnWCasG2cgNfG0dblvnFpw--~A&zpartnerid=570&env=mWeb
Request Chain 177
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=ZT%2FyN%2BHo8kQdaZqrNtLodWbPjytHOfGx%2BS41iYitP1U%3D
Request Chain 181
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da45e46b2-d097-4464-52dd-fc19d41675f1%26reqId%3D6965f34f-541c-4a57-5038-09813194db31%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da45e46b2-d097-4464-52dd-fc19d41675f1%26reqId%3D6965f34f-541c-4a57-5038-09813194db31%26zdid%3D1361&_test=YtDwJQAQPqxDMgAj HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YtDwJQAQPqxDMgAj&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361&_test=YtDwJQAQPqxDMgAj
Request Chain 182
  • https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.cea7637b-7e53-4168-8a54-8a87c0e4da51&zdid=1361
Request Chain 183
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Request Chain 184
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a45e46b2-d097-4464-52dd-fc19d41675f1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a45e46b2-d097-4464-52dd-fc19d41675f1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361&dcc=t
Request Chain 186
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da45e46b2-d097-4464-52dd-fc19d41675f1%26reqId%3D6965f34f-541c-4a57-5038-09813194db31%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Request Chain 219
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=a833012d-a343-4544-baa6-a0b5bac250ee
Request Chain 223
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7012578570036581631
Request Chain 224
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=57b7ea1e-732f-4063-8f9a-7d6af9e4bed9
Request Chain 225
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1657860133959 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5526020835
Request Chain 227
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=abd8075a-d4e9-404a-b090-b88c5d6258e1
Request Chain 228
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=e3459477-c829-457e-836f-f5a036560197
Request Chain 229
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7012578570036581631
Request Chain 231
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=65bbbff9c6174855a3d484c257899316
Request Chain 239
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Df2c5a682b01d5638%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=f2c5a682b01d5638&uid=7012578570036581631
Request Chain 240
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 248
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da45e46b2-d097-4464-52dd-fc19d41675f1%26reqId%3Da66f9c3d-a5f4-4114-730a-b57cddf9d4ce%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=a66f9c3d-a5f4-4114-730a-b57cddf9d4ce&zdid=1361
Request Chain 252
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 258
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434 HTTP 301
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Request Chain 279
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D1dd78631b92eb07e%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=1dd78631b92eb07e&uid=7012578570036581631
Request Chain 281
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 306
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da45e46b2-d097-4464-52dd-fc19d41675f1%26reqId%3Dea52275d-a4a2-45a0-47f0-eb11d905a955%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=ea52275d-a4a2-45a0-47f0-eb11d905a955&zdid=1361
Request Chain 311
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1470705190
Request Chain 312
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=57b7ea1e-732f-4063-8f9a-7d6af9e4bed9
Request Chain 313
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7012578570036581631
Request Chain 314
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=e3459477-c829-457e-836f-f5a036560197
Request Chain 316
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7012578570036581631
Request Chain 318
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=abd8075a-d4e9-404a-b090-b88c5d6258e1
Request Chain 319
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=a833012d-a343-4544-baa6-a0b5bac250ee
Request Chain 322
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=65bbbff9c6174855a3d484c257899316
Request Chain 328
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3hdiz5CBTYuTpiawiWwRPGN1A&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3hdiz5CBTYuTpiawiWwRPGN1A&gdpr=0&gdpr_consent=&google_gid=CAESEJ-2ESymPjDdIr3RWEEEKrA&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 330
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8263187426641512786 HTTP 302
  • https://a.audrte.com/p
Request Chain 345
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=8263187426641512786
Request Chain 346
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=b52363325a4413a7
Request Chain 354
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D1dd78631b92eb07e%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=1dd78631b92eb07e&uid=7012578570036581631
Request Chain 357
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 363
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 369
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=8263187426641512786
Request Chain 370
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=b52363325a4413a7
Request Chain 373
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8263187426641512786 HTTP 302
  • https://a.audrte.com/p
Request Chain 374
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3hdiz5CBTYuTpiawiWwRPGN1A&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3hdiz5CBTYuTpiawiWwRPGN1A&gdpr=0&gdpr_consent=&google_gid=CAESEJ-2ESymPjDdIr3RWEEEKrA&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 379
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da45e46b2-d097-4464-52dd-fc19d41675f1%26reqId%3D30c74f5a-e111-44b9-66fb-f497c773e315%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=30c74f5a-e111-44b9-66fb-f497c773e315&zdid=1361
Request Chain 403
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8263187426641512786 HTTP 302
  • https://a.audrte.com/p
Request Chain 404
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3hdiz5CBTYuTpiawiWwRPGN1A&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3hdiz5CBTYuTpiawiWwRPGN1A&gdpr=0&gdpr_consent=&google_gid=CAESEJ-2ESymPjDdIr3RWEEEKrA&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 463
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3hdiz5CBTYuTpiawiWwRPGN1A&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3hdiz5CBTYuTpiawiWwRPGN1A&gdpr=0&gdpr_consent=&google_gid=CAESEJ-2ESymPjDdIr3RWEEEKrA&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 464
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8263187426641512786 HTTP 302
  • https://a.audrte.com/p
Request Chain 470
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

508 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
zdorovia.com.ua/ 		88 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 / PHP/5.4.45-0+deb7u14
Resource Hash
cc9a52a10362d8baf48434b7d3ac2e081d84ddbe21ae0f52e3c0d9911d61e182

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=Windows-1251
Date
Fri, 15 Jul 2022 04:42:12 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.12.1
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.45-0+deb7u14
cache-control
private
video-js.min.css
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ 		38 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/video-js.min.css
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
0e1f8ae81889e837e923d788176d1ffb9a5b8b766a45e699326a8d5b6e9a5686

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-9996"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39318
Expires
Sun, 14 Aug 2022 04:42:12 GMT
videojs-ie8.min.js
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ie8/ 		27 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ie8/videojs-ie8.min.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
2364e3bf74552def676f1c5086eca57ad57ea116854a53d324d59ae503c4c05b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-6a8f"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27279
Expires
Sun, 14 Aug 2022 04:42:12 GMT
video.min.js
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ 		267 KB
267 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/video.min.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
518044b9079d6b70b8997035cc0d9b69d8e578f1b2ec43c8cc06e819f58857a1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-42b5b"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
273243
Expires
Sun, 14 Aug 2022 04:42:12 GMT
youtube.min.js
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/ 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/youtube.min.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
a5a4d7ec31e1eafeba8c3ab6589cf8b8b2b624b4c1afb7a62428aff04ada249e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-30ec"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12524
Expires
Sun, 14 Aug 2022 04:42:12 GMT
core-mama.css
zdorovia.com.ua/templates/default3/css/ 		64 KB
64 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
4ad0a1d9bb20358be18ad374a563021cb030d5d7ef1d1fb52c05a187340bce6d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-10047"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65607
Expires
Sun, 14 Aug 2022 04:42:12 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.5.2/ 		84 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js?ver=3.3.2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 08 Jul 2022 14:23:37 GMT
X-Content-Type-Options
nosniff
Age
569915
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
85925
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="hosted-libraries-pushers"
Expires
Sat, 08 Jul 2023 14:23:37 GMT
jcarousellite_1.0.1_mod.js
zdorovia.com.ua/templates/default3/css/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/templates/default3/css/jcarousellite_1.0.1_mod.js?ver=3.3.2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
548e4669812ab53bae5e50eee71c0d6d951b6dd8e5176cb8c08c36ce3dbf37d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-10d9"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4313
Expires
Sun, 14 Aug 2022 04:42:12 GMT
scripts.js
zdorovia.com.ua/templates/default3/css/ 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/templates/default3/css/scripts.js?ver=3.3.2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
d57b72eab46863e9c71c04589510c2e4b8e68d928f054421bddc11b8a0102a02

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-4055"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16469
Expires
Sun, 14 Aug 2022 04:42:12 GMT
media.js
zdorovia.com.ua/templates/default3/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/templates/default3/js/media.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
functions.js
zdorovia.com.ua/engine/includes/js/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/includes/js/functions.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b45c62c7ea907efdd19b2ba950d0a8f261a514e34195a1e3b547ba8876b83862

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-32f0"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13040
Expires
Sun, 14 Aug 2022 04:42:12 GMT
ajax.js
zdorovia.com.ua/engine/includes/js/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/includes/js/ajax.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
99507b31a0efe2b33d28b8eefe8aab9c7a38fb3a22ac8bd5a6732b515ed72c37

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-1d7d"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7549
Expires
Sun, 14 Aug 2022 04:42:12 GMT
loader2.js
scripts.go2net.com.ua/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
660f1ec2ca083ed857b96387b81608a1baa10a8556f36b943ed68c96945e24d1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc16
date
Fri, 15 Jul 2022 04:42:12 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:23:59 GMT
server
nginx
etag
W/"6282425f-2c101"
x-cached-since
2022-07-13T13:08:16+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Tue, 05 Jul 2022 13:12:40 GMT
loader2.js
cdn.admixer.net/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
660f1ec2ca083ed857b96387b81608a1baa10a8556f36b943ed68c96945e24d1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Fri, 15 Jul 2022 04:42:12 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:23:59 GMT
server
nginx
etag
W/"6282425f-2c101"
x-cached-since
2022-07-15T04:37:51+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Mon, 16 May 2022 12:35:25 GMT
loading.gif
zdorovia.com.ua/templates/default3/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/images/loading.gif
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b70c6c2ed793b5c4a9e9a7d543b489f810cfbcfba4fa326fc5730d2291fc5e38

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-6f7"
Content-Type
image/gif
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1783
Expires
Sun, 14 Aug 2022 04:42:12 GMT
kumkum.jpg
zdorovia.com.ua/uploads/dsn/70/34/001/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/70/34/001/kumkum.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
3199170b3f1d84f8dc1ba6c4f88d65ff2f316b51b67127673ae2b567f8b43696

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Thu, 14 Jul 2022 10:04:26 GMT
Server
nginx/1.12.1
ETag
"62cfea2a-5c47"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23623
Expires
Sun, 14 Aug 2022 04:42:12 GMT
335b2a94c5bf6f1dab0114ac908569ca0d2a1ab81.jpg
zdorovia.com.ua/uploads/dsn/f5/b2/003/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/f5/b2/003/335b2a94c5bf6f1dab0114ac908569ca0d2a1ab81.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f94fac4a3eb3855941efbd4014d8a8e46ba6304e10e3e798bae5dbe6a13b251e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Wed, 13 Jul 2022 08:40:03 GMT
Server
nginx/1.12.1
ETag
"62ce84e3-6af2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27378
Expires
Sun, 14 Aug 2022 04:42:12 GMT
2065f16a583daf92205aa98f35270ad4fc8e05e51.jpg
zdorovia.com.ua/uploads/dsn/7f/ef/001/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/7f/ef/001/2065f16a583daf92205aa98f35270ad4fc8e05e51.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
44f29f57d85acfe9a211e77308edb77f93943c07191ec4531bd52f05000c3530

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Tue, 12 Jul 2022 11:40:17 GMT
Server
nginx/1.12.1
ETag
"62cd5da1-e037"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
57399
Expires
Sun, 14 Aug 2022 04:42:12 GMT
ai-258607-aux-head-20170804_prianosti_t1.jpg
zdorovia.com.ua/uploads/dsn/10/a7/003/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/10/a7/003/ai-258607-aux-head-20170804_prianosti_t1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f8b5e9ccd182fecd4fddec539b4cf581c96c3ce033fccbf73c727961a3613811

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Tue, 05 Jul 2022 14:46:54 GMT
Server
nginx/1.12.1
ETag
"62c44ede-7c02"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31746
Expires
Sun, 14 Aug 2022 04:42:12 GMT
ducofmt.jpeg
zdorovia.com.ua/uploads/dsn/ea/07/001/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/ea/07/001/ducofmt.jpeg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
774c91a7d60c937e37f977e6138e18040aca9ec06d44d7df4f0f64735fb06d33

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Fri, 08 Jul 2022 13:37:07 GMT
Server
nginx/1.12.1
ETag
"62c83303-5110"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20752
Expires
Sun, 14 Aug 2022 04:42:12 GMT
feasv.jpg
zdorovia.com.ua/uploads/dsn/5a/14/001/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/5a/14/001/feasv.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
e88a4615ec9f68f26914eea185182b586a1341382254b50acb70438a6da3d837

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Mon, 04 Jul 2022 07:45:02 GMT
Server
nginx/1.12.1
ETag
"62c29a7e-48db"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18651
Expires
Sun, 14 Aug 2022 04:42:12 GMT
370253_11.jpg
zdorovia.com.ua/uploads/dsn/0b/8b/001/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/0b/8b/001/370253_11.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
1780dff128a6c49fe8002a7620843d05f1a9ad705ecf8ca53ea800b8999e3c88

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Sat, 02 Jul 2022 19:39:42 GMT
Server
nginx/1.12.1
ETag
"62c09efe-4db5"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19893
Expires
Sun, 14 Aug 2022 04:42:12 GMT
zhuliasi.jpg
zdorovia.com.ua/uploads/dsn/42/c5/001/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/42/c5/001/zhuliasi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f4726e859dd2230293e1d3b48e9432dbb22afd5ee9672b5318258b53803c580f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Mon, 06 Jun 2022 10:12:41 GMT
Server
nginx/1.12.1
ETag
"629dd319-31cd"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12749
Expires
Sun, 14 Aug 2022 04:42:12 GMT
madrid.jpg
zdorovia.com.ua/uploads/dsn/e4/09/003/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/e4/09/003/madrid.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
e760cc70aa82d03ecbb3f7c1a228e2229dbaa94b232c230fcaee2ae2b4aa7e8a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Sun, 27 Feb 2022 11:06:17 GMT
Server
nginx/1.12.1
ETag
"621b5b29-7236"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29238
Expires
Sun, 14 Aug 2022 04:42:12 GMT
ivzhao.jpg
zdorovia.com.ua/uploads/dsn/d0/d9/001/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/d0/d9/001/ivzhao.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
15b25322c978807eb0a01f7831091fd4b9add03a28f48236d309b42050a1aeac

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Sat, 26 Feb 2022 13:02:08 GMT
Server
nginx/1.12.1
ETag
"621a24d0-77ae"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30638
Expires
Sun, 14 Aug 2022 04:42:12 GMT
ziimaa.jpg
zdorovia.com.ua/uploads/dsn/27/b1/001/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/27/b1/001/ziimaa.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
17cbb5ff7abf82890eacd6dd6cdfaf4ea2e7f6dcd3dea4082d8cd3b290e251ee

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Mon, 10 Jan 2022 11:53:19 GMT
Server
nginx/1.12.1
ETag
"61dc1e2f-5fd2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24530
Expires
Sun, 14 Aug 2022 04:42:12 GMT
poomadi.jpg
zdorovia.com.ua/uploads/dsn/98/11/003/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/98/11/003/poomadi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
dccaeb8aa4f4c779e6d9f2b0d51445b928b8f3d5275f673ea8f9559348dbe612

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Sun, 10 Oct 2021 16:18:32 GMT
Server
nginx/1.12.1
ETag
"61631258-3506"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13574
Expires
Sun, 14 Aug 2022 04:42:12 GMT
ukra.jpg
zdorovia.com.ua/uploads/dsn/d3/8d/001/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/d3/8d/001/ukra.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
641f868e8046a0df91150d538385b89a10efcd41c7da0a8ae180d68f725ab8b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Wed, 29 Sep 2021 06:17:59 GMT
Server
nginx/1.12.1
ETag
"61540517-560c"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22028
Expires
Sun, 14 Aug 2022 04:42:12 GMT
kor.jpg
zdorovia.com.ua/uploads/dsn/3b/80/005/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/3b/80/005/kor.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
8a08cb864af8c4a6ef3e24802901f7874e0c114c820c1c18bc09abeab75f6fe6

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Wed, 08 Sep 2021 08:44:53 GMT
Server
nginx/1.12.1
ETag
"61387805-4f89"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20361
Expires
Sun, 14 Aug 2022 04:42:12 GMT
doglyad.jpg
zdorovia.com.ua/uploads/dsn/dd/14/018/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/dd/14/018/doglyad.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b238ff3fb792b2efa823989c3273b89670a87da10632d6be9c81c43206f86fdf

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Fri, 29 Jan 2021 10:09:42 GMT
Server
nginx/1.12.1
ETag
"6013dee6-4655"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18005
Expires
Sun, 14 Aug 2022 04:42:12 GMT
shud.jpg
zdorovia.com.ua/uploads/dsn/9f/63/014/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/9f/63/014/shud.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f0caa9d92eaf74f0d6486888d5dffce099f088c30f6e5a567e3d58ef88e3c41a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Wed, 27 Jan 2021 13:56:56 GMT
Server
nginx/1.12.1
ETag
"60117128-3ff4"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16372
Expires
Sun, 14 Aug 2022 04:42:12 GMT
5.jpg
zdorovia.com.ua/uploads/dsn/03/2b/055/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/03/2b/055/5.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
61bdfd54a6b568d5a806fc9347514ca721b887d02f7458bb3b0a15165e9b2612

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Fri, 15 Jan 2021 10:50:41 GMT
Server
nginx/1.12.1
ETag
"60017381-84f8"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34040
Expires
Sun, 14 Aug 2022 04:42:12 GMT
b03af6c2bdab3173da68203c5fe1f71c8cdd899b1.jpg
zdorovia.com.ua/uploads/dsn/41/69/002/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/41/69/002/b03af6c2bdab3173da68203c5fe1f71c8cdd899b1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
0dc2a95d49f4854773ee37f6c1168a9e90d639f81b882b0327f490c291a9cfa3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Mon, 18 Apr 2022 19:59:33 GMT
Server
nginx/1.12.1
ETag
"625dc325-3b39"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15161
Expires
Sun, 14 Aug 2022 04:42:12 GMT
8a8e43085b0550d25e3865ac22b6dd60fe8e54dd1.jpg
zdorovia.com.ua/uploads/dsn/09/11/001/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/09/11/001/8a8e43085b0550d25e3865ac22b6dd60fe8e54dd1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
2590c37a8df25d2ec796796a32a393e14a7fa4b5d6edd5529f6c05d4ec0b2692

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Last-Modified
Mon, 11 Apr 2022 21:30:23 GMT
Server
nginx/1.12.1
ETag
"62549def-2ea4"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11940
Expires
Sun, 14 Aug 2022 04:42:13 GMT
0d3fa784b550cf7d1a6afe00dd81dafa1.jpg
zdorovia.com.ua/uploads/dsn/c2/6d/002/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/c2/6d/002/0d3fa784b550cf7d1a6afe00dd81dafa1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f470890abb6f3f3a73f8137cfefe750e432fb04462995192c7388ea1c7e4fe8b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Last-Modified
Thu, 06 Jan 2022 20:09:55 GMT
Server
nginx/1.12.1
ETag
"61d74c93-814b"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33099
Expires
Sun, 14 Aug 2022 04:42:13 GMT
c99af04251d77ccba2694c784f28943e111ba0702.jpg
zdorovia.com.ua/uploads/dsn/f2/b9/003/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/f2/b9/003/c99af04251d77ccba2694c784f28943e111ba0702.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
140666625531e941e900caa4637eb21c39c9c812865382ca1ee0ceb764901502

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Last-Modified
Thu, 07 Apr 2022 18:23:42 GMT
Server
nginx/1.12.1
ETag
"624f2c2e-369f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13983
Expires
Sun, 14 Aug 2022 04:42:13 GMT
atv.jpg
zdorovia.com.ua/uploads/dsn/24/1c/001/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/24/1c/001/atv.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f1e60fb129ced9eebf273d236b7a8d47a98fa7a063d6c607727c82b699a24fb1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Tue, 21 Jun 2022 15:34:51 GMT
Server
nginx/1.12.1
ETag
"62b1e51b-51be"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20926
Expires
Sun, 14 Aug 2022 04:42:12 GMT
kmkmk.jpg
zdorovia.com.ua/uploads/dsn/07/64/001/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/07/64/001/kmkmk.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
9b9ff8a452929637abe720ab68d6c766dadbb975414c8914f2dc81d1b45f5a8e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Mon, 20 Jun 2022 12:00:37 GMT
Server
nginx/1.12.1
ETag
"62b06165-2e6b"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11883
Expires
Sun, 14 Aug 2022 04:42:12 GMT
hubsu.jpg
zdorovia.com.ua/uploads/dsn/b5/79/001/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/b5/79/001/hubsu.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
28d7c84902b2f125d9a2dc6cae91b79c4fc83524733617606261dd805a87f599

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Mon, 20 Jun 2022 06:11:56 GMT
Server
nginx/1.12.1
ETag
"62b00fac-4e1e"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19998
Expires
Sun, 14 Aug 2022 04:42:12 GMT
makm.jpg
zdorovia.com.ua/uploads/dsn/35/8c/001/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/35/8c/001/makm.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
e222ff7225e68bf42e9fc1cc841dd256b391daffb3fddf263b2c5ac916f4b3f2

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Tue, 14 Jun 2022 14:11:35 GMT
Server
nginx/1.12.1
ETag
"62a89717-3f24"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16164
Expires
Sun, 14 Aug 2022 04:42:12 GMT
d8c527d-hlib1.jpg
zdorovia.com.ua/uploads/dsn/1b/55/004/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/1b/55/004/d8c527d-hlib1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
46b0ef7e741ff491d90a9e9fb67bba81f023ff2b07d488fbcda68732a7a7dc26

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Sat, 02 Jul 2022 19:46:05 GMT
Server
nginx/1.12.1
ETag
"62c0a07d-91eb"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37355
Expires
Sun, 14 Aug 2022 04:42:12 GMT
kzhliuiemd.jpg
zdorovia.com.ua/uploads/dsn/3c/73/002/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/3c/73/002/kzhliuiemd.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
c282164cdf8f7d9d7bd651c33b2f9823f515021ae2a42ba87017b065edc944a2

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Last-Modified
Thu, 14 Jul 2022 12:24:15 GMT
Server
nginx/1.12.1
ETag
"62d00aef-4e17"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19991
Expires
Sun, 14 Aug 2022 04:42:13 GMT
ezhulki.jpg
zdorovia.com.ua/uploads/dsn/33/c6/002/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/33/c6/002/ezhulki.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
e82a908d850b5739ee42862df40ebf15e164bbff47449691e8b696cd910da9f8

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Last-Modified
Thu, 14 Jul 2022 12:19:31 GMT
Server
nginx/1.12.1
ETag
"62d009d3-3f3b"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16187
Expires
Sun, 14 Aug 2022 04:42:13 GMT
f6ed87ac520be94a5cf43f3b5a2c1f70e0ebf0011.jpg
zdorovia.com.ua/uploads/dsn/ca/2a/001/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/ca/2a/001/f6ed87ac520be94a5cf43f3b5a2c1f70e0ebf0011.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
440ed3b0553bf55ca74b909ed47f50af6152ea4cdd32738fb291ec639f9eec5f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Last-Modified
Thu, 14 Jul 2022 07:46:15 GMT
Server
nginx/1.12.1
ETag
"62cfc9c7-47f3"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18419
Expires
Sun, 14 Aug 2022 04:42:13 GMT
kdvit.jpg
zdorovia.com.ua/uploads/dsn/b6/11/001/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/b6/11/001/kdvit.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
318386abe430572a09f20f0de11cf2d1a0158db3953a47e2a1db7bdc1334a87f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Last-Modified
Thu, 14 Jul 2022 11:26:48 GMT
Server
nginx/1.12.1
ETag
"62cffd78-37a4"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14244
Expires
Sun, 14 Aug 2022 04:42:13 GMT
cutfmv.jpg
zdorovia.com.ua/uploads/dsn/c9/03/002/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/c9/03/002/cutfmv.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
75954effae614c077f123335adebbcaee0612916f7a6cc377abc6691a4ba9716

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Last-Modified
Tue, 05 Jul 2022 05:58:06 GMT
Server
nginx/1.12.1
ETag
"62c3d2ee-4b59"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19289
Expires
Sun, 14 Aug 2022 04:42:13 GMT
documt.jpg
zdorovia.com.ua/uploads/dsn/2d/7f/001/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/2d/7f/001/documt.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
89569f7b8efe5db3fadb9f6d91fbcd54bca84c94d4364bf17e8e1245c6359773

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Last-Modified
Tue, 05 Jul 2022 06:23:24 GMT
Server
nginx/1.12.1
ETag
"62c3d8dc-51a8"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20904
Expires
Sun, 14 Aug 2022 04:42:13 GMT
kuzhlm.jpg
zdorovia.com.ua/uploads/dsn/89/29/001/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/89/29/001/kuzhlm.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
148da672760464ad3ef5260e94c03ec082f83b74969b414f3604dac43a4c3fb5

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Last-Modified
Tue, 05 Jul 2022 06:31:04 GMT
Server
nginx/1.12.1
ETag
"62c3daa8-3c95"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15509
Expires
Sun, 14 Aug 2022 04:42:13 GMT
ukloims.jpg
zdorovia.com.ua/uploads/dsn/84/2c/002/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/84/2c/002/ukloims.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
1a1b4b9b38d688aa69c05536280627eb785e470bcb2fff52a256c301dbda5873

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Last-Modified
Tue, 05 Jul 2022 07:00:59 GMT
Server
nginx/1.12.1
ETag
"62c3e1ab-7298"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29336
Expires
Sun, 14 Aug 2022 04:42:13 GMT
style.css
zdorovia.com.ua/engine/plugins/diseases/style/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/diseases/style/style.css
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
306d5342ca0b82a5881ce148bbd99134d736d0fa462a683e56503801e36fdd93

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-121b"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4635
Expires
Sun, 14 Aug 2022 04:42:12 GMT
style.css
zdorovia.com.ua/engine/plugins/medicines/style/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/medicines/style/style.css
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
234974ef7ff86c2e11dc738796ccf88501649f864fad7d2d30b45f10211cb8c8

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-135c"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4956
Expires
Sun, 14 Aug 2022 04:42:12 GMT
4630_1.jpg
zdorovia.com.ua/uploads/images/default/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/images/default/4630_1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
8b2ab6a7fe3ae86fb84fb7cebcf072592cef358bb73db32fdf2acc0758d63539

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-78ec"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30956
Expires
Sun, 14 Aug 2022 04:42:12 GMT
7849_vk.jpg
nashamama.com/uploads/images/default/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nashamama.com/uploads/images/default/7849_vk.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
aa2e6d7260e270393b7b3f3426f0c8217e6eda69d9fbe7bfaf07de071cfc024f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Sun, 21 Dec 2014 01:49:38 GMT
Server
nginx/1.12.1
ETag
"54962732-3463"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13411
Expires
Sun, 14 Aug 2022 04:42:12 GMT
1540_fb.jpg
nashamama.com/uploads/images/default/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nashamama.com/uploads/images/default/1540_fb.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
eb49762bac0f22b332fc93eb47e3e4799e052b05f07073b8be9f1616baf75162

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Sun, 21 Dec 2014 01:49:30 GMT
Server
nginx/1.12.1
ETag
"5496272a-33c2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13250
Expires
Sun, 14 Aug 2022 04:42:12 GMT
5194_tv.jpg
nashamama.com/uploads/images/default/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nashamama.com/uploads/images/default/5194_tv.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b3d07383eaafa1a28161e0d58a2cce46a6adb2836603eea46f3676b54cc0cd49

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Sun, 21 Dec 2014 01:49:47 GMT
Server
nginx/1.12.1
ETag
"5496273b-359d"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13725
Expires
Sun, 14 Aug 2022 04:42:12 GMT
3_1_3.png
i.i.ua/r/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.i.ua/r/3_1_3.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a46e02aed78b4773f4039ad8807da53fed0c2384a53b5e2afe6ad6ada85d4336

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 28 Sep 2006 16:33:08 GMT
Server
cloudflare
Age
345651
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
72afd484edb90091-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
2143
Expires
Tue, 11 Jul 2023 04:41:21 GMT
logo
counter.yadro.ru/ 		672 B
896 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://counter.yadro.ru/logo?57.1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host152.rax.ru
Software
0W/0.8c /
Resource Hash
3e25b0478e495776aeb31dbca4c92a9bffbad68161f91e261ef88aaf4ea2dd71

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Sun, 09 Sep 2001 01:46:40 GMT
Server
0W/0.8c
Connection
Close
Content-Type
image/gif
Content-Length
672
Expires
Fri, 14 Jul 2023 21:00:00 GMT
iframe_api
www.youtube.com/ 		980 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/youtube.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b6c4442649280faf20691f640524bfa6550e83d8db6e24675867e5286d9bf4b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Fri, 15 Jul 2022 04:42:12 GMT
vast.js
cdn.admixer.net/scripts3/r/ 		136 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.admixer.net/scripts3/r/vast.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e2cbfcacc9d5d0f8871ee8f217873a4dc579c80403940429af11fbe2ec021b12

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-ID
fr5-up-gc17
Date
Fri, 15 Jul 2022 04:42:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2018 13:43:44 GMT
Server
nginx
ETag
W/"5a60a490-21e4b"
Vary
Accept-Encoding
X-Cached-Since
2022-07-05T13:07:56+00:00
Content-Type
application/javascript
Cache-Control
max-age=31622400
Transfer-Encoding
chunked
Connection
keep-alive
Cache
HIT
Expires
Thu, 06 Jul 2023 13:07:56 GMT
branding
a4p.adpartner.pro/
Redirect Chain
  • http://a4p.adpartner.pro/branding?id=1550&0.9066716552469916
  • https://a4p.adpartner.pro/branding?id=1550&0.9066716552469916
11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/branding?id=1550&0.9066716552469916
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
64a30eed5ef4a2b99ad87961c11feea289400aa8c202c40276b9c1c778d73c70

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:12 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8

Redirect headers

Location
https://a4p.adpartner.pro/branding?id=1550&0.9066716552469916
Date
Fri, 15 Jul 2022 04:42:12 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
162
Content-Type
text/html
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3570
date
Fri, 15 Jul 2022 03:42:42 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Fri, 15 Jul 2022 05:42:42 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
hit
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u043...
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u04...
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u...
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.4748768962674601
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host152.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 14 Jul 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.4748768962674601
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Wed, 14 Jul 2021 21:00:00 GMT
s
r.i.ua/ 		43 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://r.i.ua/s?u152465&p0&n0.38081526056243775&c1&d24&w1600&h1200&rzdorovia.com.ua/
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 04:42:12 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
P3P
policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
CF-RAY
72afd484dad4f41f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires
0
/
zdorovia.com.ua/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 / PHP/5.4.45-0+deb7u14
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 04:42:12 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
X-Powered-By
PHP/5.4.45-0+deb7u14
Transfer-Encoding
chunked
Content-Type
text/html; charset=Windows-1251
cache-control
private
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
header-searchform-button.png
zdorovia.com.ua/templates/default3/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/img/header-searchform-button.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
e58dd6001ec35b05f71949fda9688eaf3a6a9e01a60f07b7bc99dd030485735c

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-ba5"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2981
Expires
Sun, 14 Aug 2022 04:42:12 GMT
logo-header.png
zdorovia.com.ua/templates/default3/images/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/images/logo-header.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
a29306e7be8b3e743bf8a8431491142e215bf9bb31a004b13f591a4e1c9acc06

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-67ad"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26541
Expires
Sun, 14 Aug 2022 04:42:12 GMT
arrows.png
zdorovia.com.ua/templates/default3/img/ 		251 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/img/arrows.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
d485c4dc543229efe5d97016e8b0efec6824111dbc9aca88d586ece94fa7ab11

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-fb"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
251
Expires
Sun, 14 Aug 2022 04:42:12 GMT
link-arrow.png
zdorovia.com.ua/templates/default3/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/img/link-arrow.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
1c25aef47c67b97e59beabef6f8710905a2cfa67f9579478ebde8bee5ffb57d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-bcd"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3021
Expires
Sun, 14 Aug 2022 04:42:13 GMT
page.php
www.facebook.com/plugins/ Frame B6EF 		52 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
04b36d5defc153b6c8ab0d130684f01eb484c98c29f8df379bf015c24d5f9dfb
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Fri, 15 Jul 2022 04:42:12 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
ifIjad/+HM9meVtNaLVH1gd/eJg92UQOIk3VNuwRW6Xnv70dUEB2IhUGQUTNjthOzc810ZFR4Gx9P86liOSPPw==
x-fb-rlafr
0
x-xss-protection
0
01.png
i.bigmir.net/cnt/
Redirect Chain
  • http://c.bigmir.net/?v16918126&s16916513&t1&c1&n529776&w0&y0&d24&r1600
  • http://i.bigmir.net/cnt/01.png
769 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.bigmir.net/cnt/01.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
rs.img.com.ua
Software
nginx /
Resource Hash
1dd7796d72b2353ca592f216dca81af1aff9eed564a0c1ed5d7555af6f3bb34d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:12 GMT
Last-Modified
Sun, 02 Oct 2005 23:04:59 GMT
Server
nginx
ETag
"4340679b-301"
Content-Type
image/png
Cache-Control
max-age=259200
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
769
Expires
Mon, 18 Jul 2022 04:42:12 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 04:42:12 GMT
Server
nginx
Transfer-Encoding
chunked
Location
//i.bigmir.net/cnt/01.png
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
c.html
cdn.admixer.net/scripts3/46506/ Frame 9AE7 		738 B
510 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Fri, 15 Jul 2022 04:42:12 GMT
etag
W/"62824272-2e2"
expires
Sat, 15 Jul 2023 08:50:17 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-07-14T08:50:17+00:00
x-id
fr5-up-gc32
a21031c0f6a0994b3314.b.js
scripts.go2net.com.ua/scripts3/46506/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/46506/a21031c0f6a0994b3314.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc16
date
Fri, 15 Jul 2022 04:42:12 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:15 GMT
server
nginx
etag
W/"6282426f-5d41"
vary
Accept-Encoding
x-cached-since
2022-07-13T13:13:25+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Thu, 06 Jul 2023 13:00:22 GMT
0a75d04ce9f53a1a35b6.b.js
scripts.go2net.com.ua/scripts3/46506/ 		75 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/46506/0a75d04ce9f53a1a35b6.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc16
date
Fri, 15 Jul 2022 04:42:12 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:04 GMT
server
nginx
etag
W/"62824264-12c39"
vary
Accept-Encoding
x-cached-since
2022-07-14T09:10:30+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Sat, 15 Jul 2023 09:10:30 GMT
c.html
cdn.admixer.net/scripts3/46506/ Frame A7D5 		738 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Fri, 15 Jul 2022 04:42:12 GMT
etag
W/"62824272-2e2"
expires
Sat, 15 Jul 2023 08:50:17 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-07-14T08:50:17+00:00
x-id
fr5-up-gc32
TnMRGlS2O2-.css
static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/ Frame B6EF 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/TnMRGlS2O2-.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5ff6a43ed2b802139092338f5178875c1563ccfee4057256cbf566f1e510ac68
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:12 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
FZlPWHg2On8uljYW7rvZOw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4925
x-fb-rlafr
0
x-fb-debug
RtmqCwJliPhwUDDzBC9CmnjN4CeqG6l4u545x7LS02PvtnuvK5hMkW/AgWAXmFaPOx6gS2Z+/SPgB3HPPvCOog==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 14 Jul 2023 15:31:35 GMT
FPdNN1TK3wJ.css
static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ Frame B6EF 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/FPdNN1TK3wJ.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
df54910144f36c8adaea680ebf82cd4f3a39147edaa8eb4a2650b2996da8acf1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:12 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
XpWPuiqLnlvq4xkatdITVw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
831
x-fb-rlafr
0
x-fb-debug
4PG+zScLkPZ/SVyzCesiEgJTvhIcUqN69Z3Y5J9OMhM0B0xBMLW5frm3z2aoj9x9P7Mz+iRaSO3aW1/caI3KKQ==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 07 Jul 2023 23:37:10 GMT
wNWWb71hic0.js
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ Frame B6EF 		320 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/wNWWb71hic0.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
84fb7c77dd0c26c67d067b5ab60856ed7f3cb54c828290cb791382f54d3ddac3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:12 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
nk52hgdMly+fHVkTyznJPg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88116
x-fb-rlafr
0
x-fb-debug
OaSKn3ZTZB1HTwNO8vCpGWdo4SBW22EHp7TwJyCu2lp3ldWGt6yNORGM0UQCLzb4MbMWWCYXyHQ7/yKny9QZpA==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 14 Jul 2023 02:29:07 GMT
GG1Y0sYc7My.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame B6EF 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:12 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
FvCDsjtWXbnS8g0a11kzwQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1657
x-fb-rlafr
0
x-fb-debug
wZFEQqJzCkPbTyaUqRPMV7LnqfgTP8cS2FJfHpDI9uG5rGjb+h8oRydfvNFjVR16S2mWHs/T4NGZmCE73lH2Kg==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 12 Jul 2023 00:58:49 GMT
fqvvIItFrT4.js
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame B6EF 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/fqvvIItFrT4.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e47e3520a08c6e282f35b755ac5b525000a05fe172e48c1c8e9eb3d7d680d356
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:12 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ZxxCJt/W1BdRqQXk2CSxyA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
12526
x-fb-rlafr
0
x-fb-debug
02HOn+p1yW3y79WEBr/AuMsoX/Sd3IRE6U0cNot808UOsJiPZfbrc/ewrVPNPYwk6QPhUMTa+/zT9JvL7Uh8jQ==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 13 Jul 2023 21:18:57 GMT
9gn9GUrTOCT.js
static.xx.fbcdn.net/rsrc.php/v3/yA/r/ Frame B6EF 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yA/r/9gn9GUrTOCT.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f0a644a176192dac8c71e5e45fc76a2843dbffefd9e51816a371da02fadd1b0d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:12 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
C+aNTq0we+NCna4I0leM4w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
15824
x-fb-rlafr
0
x-fb-debug
F2+IyUyrMFxVgbc39a9SZQvTvE3EFQFiwwpT4NpxFB624tDt6v+1elSkBHkT2hY53Fr8dD5fqqqZrFZR0BQvAA==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 14 Jul 2023 02:29:07 GMT
PUM1unzhwy5.js
static.xx.fbcdn.net/rsrc.php/v3/y_/r/ Frame B6EF 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/PUM1unzhwy5.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3094f576eaf7398523dea0d1067afc0889f1d79b204090bc452227213e6eb495
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:12 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
JIHbjBEKgcPZNVQFBj/7mg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7644
x-fb-rlafr
0
x-fb-debug
f68aJZc/I1WBRrJQB5fz67H9GCgYLqSc/PIOBVwIenyLV5B+5jdaR7A7N6PY/XzNBbWWHgNYuwY//m3OHH+bjQ==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 14 Jul 2023 16:02:59 GMT
99Wl7GRyhu_.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame B6EF 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/99Wl7GRyhu_.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
441d564165f2937c9f4ab097b5ba6ce76635bde0d28546d891b8cb235dbe9710
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:12 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Eh7jfThuvE3M1a99CGvI/Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
6376
x-fb-rlafr
0
x-fb-debug
4um2xpICVSMmgiOHLtBTU2x1viWP/jpsk5ec4p8lA5IK9AgQyQxlR4vn2vSj34KlSois8xG/+H1UrQQsvq7DxA==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 13 Jul 2023 19:32:38 GMT
UulpUHLdX_E.js
static.xx.fbcdn.net/rsrc.php/v3/yA/r/ Frame B6EF 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yA/r/UulpUHLdX_E.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3ff4dbe77447bf06729584e2541ed7d8a7ba8fe95355ea95de66bbd90fb0fc01
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:12 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
sMw1lKdYN4PSuH8Z1MWqsA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
3603
x-fb-rlafr
0
x-fb-debug
n2GcEeT/rsZqrteNo1h/7nHX9vx5Bj5fVqL6qsxP6hMAlutAtMGqL4EOgWDMgw/5/HUIo8rxp1vz4AmwndwLJA==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Tue, 11 Jul 2023 19:01:34 GMT
PqdUGIK6vw7.js
static.xx.fbcdn.net/rsrc.php/v3iLl54/yu/l/en_GB/ Frame B6EF 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yu/l/en_GB/PqdUGIK6vw7.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
44fe3c928a3046415e4d420877c728ab13598e78c3e0e0b2fe14a1e0c942d7ee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:12 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Ee1djyCnSVL0w9OMhI0aHw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7084
x-fb-rlafr
0
x-fb-debug
/efUmknTiJ9CjU1UX+Huj0d7F+mw89CvRcclXv0MOY0seD7X3yoNg6Ms0NzOiELOhfdEAbqb0aizyBlZL0UO6A==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 06 Jul 2023 01:27:12 GMT
1oWx5JjuZQ5.js
static.xx.fbcdn.net/rsrc.php/v3i7244/yc/l/en_GB/ Frame B6EF 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i7244/yc/l/en_GB/1oWx5JjuZQ5.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
efeb239e90e03f1c98f6b5e6b9c46f8a3f546e933b8ebed3134e36d84d24df75
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:12 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
jzmMiDnANw6izH+/u9VtLA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
22859
x-fb-rlafr
0
x-fb-debug
Y/+LEiE3oVzxeHAKVMm+VHyrz4eI44QXrBzkAR4qmbsO489eh1L6Asuesk0EVQKFMz4uTr5bSQ50Ka7irN2PLg==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 13 Jul 2023 20:38:26 GMT
SZAjJITSQnM.js
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame B6EF 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/SZAjJITSQnM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
57bad8607901d7cc20260262a8063a7b88d2b61cab3e6850f73b52cd1c716ab9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:12 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
BI1R/ngtQikShgzcetofPw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7199
x-fb-rlafr
0
x-fb-debug
CD0xaTGkAFB2VLpes+36ipvXMuTA/8cIFaILsDFdT9R5plNsplIWROvQWmeYVmce1NH3xDq8IHn4KTadi8IS1w==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 12 Jul 2023 04:59:57 GMT
www-widgetapi.js
www.youtube.com/s/player/dfd2e197/www-widgetapi.vflset/ 		158 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/dfd2e197/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f9d2b13bd7e7c42fb66b1809b53f882444ea82f853a18f8295913ce0f920dab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:00:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
2500
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52404
x-xss-protection
0
last-modified
Thu, 14 Jul 2022 00:16:12 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 15 Jul 2023 04:00:32 GMT
4KnttQn9CRv.js
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame B6EF 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/4KnttQn9CRv.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ff35b309bbb94f7d46d2df30a901f7a149160bf2c62395aadaac4d81fbfc7003
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:12 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
DeoJ+Q+9mJI4tTKRHTS7FQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
8125
x-fb-rlafr
0
x-fb-debug
tckT1tJJuKmbzTk1fH2v8onCVvk+ec64cQftskLYV0Xvl6Mh4X7oRIXaPdjeMv4H6pKaPW73GK+2Vdr1QsT0qA==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 14 Jul 2023 20:40:58 GMT
26169268_2027047760843857_7213779766090150706_n.png
scontent-lcy1-1.xx.fbcdn.net/v/t1.18169-1/ Frame B6EF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-lcy1-1.xx.fbcdn.net/v/t1.18169-1/26169268_2027047760843857_7213779766090150706_n.png?stp=cp0_dst-png_p50x50&_nc_cat=101&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=pX9mL8U85GkAX8CyI5d&_nc_ht=scontent-lcy1-1.xx&edm=ADwHzz8EAAAA&oh=00_AT_LO16HaFZ50gsIKperfZS8-7yeWzK_EX4l8y42631LoQ&oe=62F66673
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f067:e:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6cb706286d335d6c1c71f0dfa2da12a28563585c6184d68b0294a8f976222b85

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum
953752327
date
Fri, 15 Jul 2022 04:42:13 GMT
x-fb-trip-id
1679558926
last-modified
Wed, 03 Jan 2018 18:33:52 GMT
content-type
image/png
access-control-allow-origin
*
content-digest
adler32=3394686489
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3790524336
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1986
dsp.aspx
inv-nets.admixer.net/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=7952576084385474&cpv=ddef350c-ccba-9bb5-9758-330c65ace87c&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%2284022f0b-ac7f-2975-eae3-cf850165148f%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228d3272cd-4af1-718d-0271-2f8b3dfbd0ea%22%2C%22tagid%22%3A%222d179f8a-367f-49ed-9a1f-d77deb57f009%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_2d179f8a367f49ed9a1fd77deb57f009_zone_2586_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22dd5f95c5-bacd-cab4-105e-baef95309e7f%22%2C%22tagid%22%3A%22cdadfe55-ba49-47d5-9918-cc04aa357b98%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_cdadfe55ba4947d59918cc04aa357b98_zone_3636_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22bf839875-0257-3a51-0d97-7f609010f33f%22%2C%22tagid%22%3A%2293ae9d99-966b-415b-9964-9dc2489da01f%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_93ae9d99966b415b99649dc2489da01f_zone_6048_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A3%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
406884d390cd6a3aa38b68d0e3c31bdec0139a73b68cd17e6fea9d4cb63ad1cc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
3217
X-Xss-Protection
0
dsp.aspx
ads.go2net.com.ua/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=7949766700797374&cpv=ddef350c-ccba-9bb5-9758-330c65ace87c&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%2215c8c3ce-5b99-a657-878e-0b9329f105eb%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%227a9565a9-5d40-a41c-cdc5-c5d417e0850e%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%2C%7B%22id%22%3A%22491cb526-1ea7-6c80-a484-2be6c88e22e5%22%2C%22tagid%22%3A%22211243eb-11ba-464c-a0c6-ba847f55b0ad%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_211243eb11ba464ca0c6ba847f55b0ad_zone_13175_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A2%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
5b049d0f6436072f525c65c4bc093f2ae446773114f7dcf1140d10c2430d6a84
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
2937
X-Xss-Protection
0
ga-audiences
www.google.co.uk/ads/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=758121610&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=758121610&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmd...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37123827-1&cid=1598207648.1657860133&jid=1934097783&_v=5.7.2&z=758121610
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1598207648.1657860133&jid=1934097783&_v=5.7.2&z=758121610
  • https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1598207648.1657860133&jid=1934097783&_v=5.7.2&z=758121610&slf_rd=1&random=750912441
42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1598207648.1657860133&jid=1934097783&_v=5.7.2&z=758121610&slf_rd=1&random=750912441
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:13 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1598207648.1657860133&jid=1934097783&_v=5.7.2&z=758121610&slf_rd=1&random=750912441
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
branding.min.js
a4p.adpartner.pro/apstc/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.423
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.9066716552469916
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
cache-control
no-store no-transform
last-modified
Tue, 15 Mar 2022 16:47:24 GMT
server
nginx
content-encoding
br
etag
W/"6230c31c-35bf"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame 4614 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=441874ed-c09c-414b-9921-d5c96b8df727&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.9066716552469916
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Fri, 15 Jul 2022 04:42:14 GMT
server
nginx
ls
a4p.adpartner.pro/branding/ Frame F85C 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=15007199967767714&apuid=e3459477-c829-457e-836f-f5a036560197&session_pageview=1&session_id=441874ed-c09c-414b-9921-d5c96b8df727&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.9066716552469916
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
87a1a8495c4cc16934a35c1fde4d6941f28ba3e6c6b741a2a779a62499d0acba

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 15 Jul 2022 04:42:13 GMT
server
nginx
analytics.js
www.google-analytics.com/ Frame F85C 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=15007199967767714&apuid=e3459477-c829-457e-836f-f5a036560197&session_pageview=1&session_id=441874ed-c09c-414b-9921-d5c96b8df727&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a4p.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6365
date
Fri, 15 Jul 2022 02:56:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 15 Jul 2022 04:56:08 GMT
branding
a4p.adpartner.pro/ Frame F85C 		1 KB
879 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/branding?id=1550&session_id=441874ed-c09c-414b-9921-d5c96b8df727&session_pageview=1&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=15007199967767714&apuid=e3459477-c829-457e-836f-f5a036560197&session_pageview=1&session_id=441874ed-c09c-414b-9921-d5c96b8df727&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
5ba9bb6f2a3c2671b407883d6e3114ac5c9dce1ee9a7bce4f964586cddcbf9ec

Request headers

Referer
https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=15007199967767714&apuid=e3459477-c829-457e-836f-f5a036560197&session_pageview=1&session_id=441874ed-c09c-414b-9921-d5c96b8df727&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
e1eee23f36481a69453f.b.js
scripts.go2net.com.ua/scripts3/46506/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/46506/e1eee23f36481a69453f.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc16
date
Fri, 15 Jul 2022 04:42:13 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:20 GMT
server
nginx
etag
W/"62824274-702f"
vary
Accept-Encoding
x-cached-since
2022-07-13T13:56:03+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Thu, 06 Jul 2023 13:00:24 GMT
fdabe098f34289659a17.b.js
scripts.go2net.com.ua/scripts3/46506/ 		42 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/46506/fdabe098f34289659a17.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc16
date
Fri, 15 Jul 2022 04:42:13 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:21 GMT
server
nginx
etag
W/"62824275-a793"
vary
Accept-Encoding
x-cached-since
2022-07-13T13:56:03+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Thu, 06 Jul 2023 13:00:24 GMT
84011c43c3075e543c6d.b.js
scripts.go2net.com.ua/scripts3/46506/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/46506/84011c43c3075e543c6d.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc16
date
Fri, 15 Jul 2022 04:42:13 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:13 GMT
server
nginx
etag
W/"6282426d-326c"
vary
Accept-Encoding
x-cached-since
2022-07-13T13:56:03+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Thu, 06 Jul 2023 13:00:24 GMT
7103cce7fa6705169441.b.js
scripts.go2net.com.ua/scripts3/46506/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/46506/7103cce7fa6705169441.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc16
date
Fri, 15 Jul 2022 04:42:13 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:12 GMT
server
nginx
etag
W/"6282426c-2a79"
vary
Accept-Encoding
x-cached-since
2022-07-13T13:56:03+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Thu, 06 Jul 2023 13:00:24 GMT
5927ef40e4a80e0040be.b.js
scripts.go2net.com.ua/scripts3/46506/ 		215 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/46506/5927ef40e4a80e0040be.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc16
date
Fri, 15 Jul 2022 04:42:13 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:11 GMT
server
nginx
etag
W/"6282426b-35ac7"
vary
Accept-Encoding
x-cached-since
2022-07-13T13:56:03+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Thu, 06 Jul 2023 13:00:24 GMT
cm.aspx
inv-nets.admixer.net/gadx/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=NjViYmJmZjljNjE3NDg1NWEzZDQ4NGMyNTc4OTkzMTY=&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=NjViYmJmZjljNjE3NDg1NWEzZDQ4NGMyNTc4OTkzMTY=&google_cm=&google_tc=
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEPmS1C_UtPyBU0sMzbtx94Y&google_cver=1
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEPmS1C_UtPyBU0sMzbtx94Y&google_cver=1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEPmS1C_UtPyBU0sMzbtx94Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
323
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NjViYmJmZjljNjE3NDg1NWEzZDQ4NGMyNTc4OTkzMTY=&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NjViYmJmZjljNjE3NDg1NWEzZDQ4NGMyNTc4OTkzMTY=&google_cm=&google_tc=
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEB_hmzahNwDa8lXlGK_AUsw&google_cver=1
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=65bbbff9c6174855a3d484c257899316
35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=65bbbff9c6174855a3d484c257899316
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"

Redirect headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://m.trafmag.com/images/1px-matching-go2net.gif?id=65bbbff9c6174855a3d484c257899316
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm=&google_tc=
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEGAaS3WnRmnGnnDbbC-pvJ0&google_cver=1
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=65bbbff9c6174855a3d484c257899316
35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=65bbbff9c6174855a3d484c257899316
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"

Redirect headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://m.trafmag.com/images/1px-matching-go2net.gif?id=65bbbff9c6174855a3d484c257899316
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
bounce
ib.adnxs.com/
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=533&code=65bbbff9c6174855a3d484c257899316
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D65bbbff9c6174855a3d484c257899316
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D65bbbff9c6174855a3d484c257899316
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 04:42:13 GMT
X-Proxy-Origin
5.187.21.105; 5.187.21.105; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
5c4de3bd-db26-4070-8b57-27e57c17b6fb
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 04:42:13 GMT
X-Proxy-Origin
5.187.21.105; 5.187.21.105; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
fedd7a49-31da-40f7-bdaa-61b7b6cf1658
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D65bbbff9c6174855a3d484c257899316
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:12 GMT
content-length
0
cm-notify
creativecdn.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admixer
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:13 GMT, Fri, 15 Jul 2022 04:42:13 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://creativecdn.com/cm-notify?pi=admixer&tc=1
date
Fri, 15 Jul 2022 04:42:13 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
odN6yT5qyq_.png
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame B6EF 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/odN6yT5qyq_.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/TnMRGlS2O2-.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3a16bbf4914a49b1afe816e119c7da2d731dead9167c01d07984ef323e26bfa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/TnMRGlS2O2-.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
x-content-type-options
nosniff
content-md5
jWtlBZOXpZs9LMNqqzeJoA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1341
x-fb-rlafr
0
x-fb-debug
ifPRxcRSIRtELXUElHrcPdm2HvBqtZ0eFr/5Oji2u3ARbAXC10/451aJcgDhF7XfehF++rANBhWYnzsQtjGARA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 04 Jul 2023 14:49:20 GMT
/
adx.adform.net/adx/
Redirect Chain
  • https://adx.adform.net/adx/?rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_242078&url=http%3A%2F%2Fzdorovia.com.ua%2F
  • https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_242078&url=http%3A%2F%2Fzdorovia.com.ua%2F
28 B
583 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_242078&url=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
31e6b8019484be676484285edd74778b774a84a2d5514f6da1439f3746ad56fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:13 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:13 GMT
server
nginx
location
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_242078&url=http%3A%2F%2Fzdorovia.com.ua%2F
access-control-max-age
86400
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync.html
s.adtelligent.com/ Frame 85BD 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=707176
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=7949766700797374&cpv=ddef350c-ccba-9bb5-9758-330c65ace87c&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%2215c8c3ce-5b99-a657-878e-0b9329f105eb%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%227a9565a9-5d40-a41c-cdc5-c5d417e0850e%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%2C%7B%22id%22%3A%22491cb526-1ea7-6c80-a484-2be6c88e22e5%22%2C%22tagid%22%3A%22211243eb-11ba-464c-a0c6-ba847f55b0ad%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_211243eb11ba464ca0c6ba847f55b0ad_zone_13175_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A2%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.194 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
11c86c8b7cdf23a13f34844db7257390f005ed0747a6e9e69f9efcbe32f23b67

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
http://zdorovia.com.ua
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1260
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
onetag-sys.com/usync/ Frame 764E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59d216e971852f2
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=7949766700797374&cpv=ddef350c-ccba-9bb5-9758-330c65ace87c&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%2215c8c3ce-5b99-a657-878e-0b9329f105eb%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%227a9565a9-5d40-a41c-cdc5-c5d417e0850e%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%2C%7B%22id%22%3A%22491cb526-1ea7-6c80-a484-2be6c88e22e5%22%2C%22tagid%22%3A%22211243eb-11ba-464c-a0c6-ba847f55b0ad%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_211243eb11ba464ca0c6ba847f55b0ad_zone_13175_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A2%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
55453de97a118ce9
ads.us.e-planning.net/uspd/1/ Frame 6AA8
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=7949766700797374&cpv=ddef350c-ccba-9bb5-9758-330c65ace87c&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%2215c8c3ce-5b99-a657-878e-0b9329f105eb%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%227a9565a9-5d40-a41c-cdc5-c5d417e0850e%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%2C%7B%22id%22%3A%22491cb526-1ea7-6c80-a484-2be6c88e22e5%22%2C%22tagid%22%3A%22211243eb-11ba-464c-a0c6-ba847f55b0ad%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_211243eb11ba464ca0c6ba847f55b0ad_zone_13175_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A2%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
5cd6779b66096d933e11cb58fb6ea48cfb07eb6336707a24c2a7d3e722ca473f

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Fri, 15 Jul 2022 04:42:13 GMT
expires
Fri, 15 Jul 2022 04:42:13 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-606

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Fri, 15 Jul 2022 04:42:13 GMT
location
/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-606
sync
t.adx.opera.com/ 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60022&uid=65bbbff9c6174855a3d484c257899316
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:13 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=e3459477-c829-457e-836f-f5a036560197
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=e3459477-c829-457e-836f-f5a036560197
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=e3459477-c829-457e-836f-f5a036560197
date
Fri, 15 Jul 2022 04:42:13 GMT
cache-control
no-store no-transform
server
nginx
content-length
190
content-type
text/html; charset=utf-8
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58613/occ
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-bRHFU09E2uG_RCBvjwhl_VmSkMWKJNMgJZUBcZ0-~A
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-bRHFU09E2uG_RCBvjwhl_VmSkMWKJNMgJZUBcZ0-~A
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-bRHFU09E2uG_RCBvjwhl_VmSkMWKJNMgJZUBcZ0-~A
date
Fri, 15 Jul 2022 04:42:13 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
1px-matching-admixer.gif
m.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-admixer.gif?id=65bbbff9c6174855a3d484c257899316
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
1px-matching-go2net.gif
m.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=65bbbff9c6174855a3d484c257899316
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
mmr445.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/mmr445.gif?gdpr=&gdpr_consent=[GDPRConsent]&us_privacy=[USPrivacy]&coppa=[COPPA]&puid=65bbbff9c6174855a3d484c257899316
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=65bbbff9c6174855a3d484c257899316&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=65bbbff9c6174855a3d484c257899316&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=45cccbf5-6903-473b-a282-e274468999e8&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=admixer&user_id=L5yCkZkr7Sz75cqrn0Gs0
  • https://inv-nets.admixer.net/bs/cm.aspx?id=45cccbf5-6903-473b-a282-e274468999e8&gdpr=&consent=&gdpr_pd=
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/bs/cm.aspx?id=45cccbf5-6903-473b-a282-e274468999e8&gdpr=&consent=&gdpr_pd=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

Location
//inv-nets.admixer.net/bs/cm.aspx?id=45cccbf5-6903-473b-a282-e274468999e8&gdpr=&consent=&gdpr_pd=
Date
Fri, 15 Jul 2022 04:42:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pic.gif
pa.tns-ua.com/bug/
Redirect Chain
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=65bbbff9c6174855a3d484c257899316
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z990072CE391491297E74A2FC3EE00AE&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=65bbbff9c6174855a3d484c257899316
56 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z990072CE391491297E74A2FC3EE00AE&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=65bbbff9c6174855a3d484c257899316
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.13.0
content-type
image/gif
expires
-1

Redirect headers

location
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z990072CE391491297E74A2FC3EE00AE&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=65bbbff9c6174855a3d484c257899316
date
Fri, 15 Jul 2022 04:42:13 GMT
cache-control
no-cache
server
nginx/1.13.0
content-length
0
expires
-1
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YtDwJfvh_34KJV1Ax-Fd0wAACiUAAAAB
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YtDwJfvh_34KJV1Ax-Fd0wAACiUAAAAB
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A5sdA7d7yaLmuV36eurMBJ%2FtzGrw1JK0dFXqgfiYQtVcNGio%2BCEot75dTfjszRX3I6Vw0AidaevSUTBf3p8ENP7GYQpQjAJC1kCo1%2BiFXqo0ewMq9BmIoBIiOhkFBzKJ5CeJJkfLQnIiPw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YtDwJfvh_34KJV1Ax-Fd0wAACiUAAAAB
cache-control
no-cache
cf-ray
72afd48df9657737-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
adspend-sync
adx.com.ru/
Redirect Chain
  • https://rtb.com.ru/admixer-sync?uid=65bbbff9c6174855a3d484c257899316
  • https://rtb.com.ru/sync?noRedirect=&sspKey=36&sspUserID=65bbbff9c6174855a3d484c257899316
  • https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=62d0f02505f708479ac249f0&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D62d0f02505f708479ac249f0%26d...
  • https://rtb.com.ru/adx-sync?r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D62d0f02505f708479ac249f0%26duid%3D%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D64...
  • https://prodmp.ru/refocus.gif?dsp_provider_id=2&uid=62d0f02505f708479ac249f0&duid=&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62d0f02505f708479ac249f0%26dest%3Dhttps%253A%252F%252...
  • https://counter.yadro.ru/id127/refocusdmp-id.gif?uid=62d0f02505f708479ac249f0&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62d0f02505f708479ac249f0%26dest%3Dhttps%253A%252F%252Fdmg....
  • https://prodmp.ru/li?guid=3115290F05220F325EB5&uid=62d0f02505f708479ac249f0&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62d0f02505f708479ac249f0%26dest%3Dhttps%253A%252F%252Fdmg.di...
  • https://an.yandex.ru/mapuid/dmpmediadesk/62d0f02505f708479ac249f0?sign=91e82851&location=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62d0f02505f708479ac249f0%26dest%3Dhttps%253A%252F...
  • https://an.yandex.ru/mapuid/dmpmediadesk/62d0f02505f708479ac249f0?redir-setuniq=1&sign=91e82851&location=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62d0f02505f708479ac249f0%26dest%3...
  • https://x01.aidata.io/0.gif?pid=6472613&id=62d0f02505f708479ac249f0&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D62d0f02505f708479ac249f0%26i%3D7119399360667410799%26r%...
  • https://x01.aidata.io/0.gif?pid=6472613&id=62d0f02505f708479ac249f0&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D62d0f02505f708479ac249f0%26i%3D7119399360667410799%26r%...
  • https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=62d0f02505f708479ac249f0&i=7119399360667410799&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3...
  • https://dmg.digitaltarget.ru/awg/custom/224/i/i?call_source=awg&a=224&e=62d0f02505f708479ac249f0&i=7119399360667410799&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f45...
  • https://cm.g.doubleclick.net/pixel?google_nid=crossmedia_ddp&google_cm=&code=224&ts=pnM5-aOMZQuTuoK7u7yY&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100...
  • https://dmg.digitaltarget.ru/awg/7162?a=155&e=CAESEJ1a_V3-odYlh7juoTIc_Jg&ver=1&google_error=&code=224&ts=pnM5-aOMZQuTuoK7u7yY&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-...
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=62d0f02505f708479ac249f0&ru=https%3A%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D62d0f02505f708479ac249f0%26nc%3D402058839...
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=62d0f02505f708479ac249f0&ru=https%3A%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D62d0f02505f708479ac249f0%26nc%3D402058839...
  • https://cm.p.altergeo.ru/spnd?aid=62d0f02505f708479ac249f0&nc=4020588395831498425&url=https%3A%2F%2Fadx.com.ru%2Fadspend-sync%3Fuid%3D62d0f02505f708479ac249f0%26r%3Dhttps%253A%252F%252Fan.yandex.ru...
  • https://cm.p.altergeo.ru/spnd?aid=62d0f02505f708479ac249f0&nc=4020588395831498425&url=https%3A%2F%2Fadx.com.ru%2Fadspend-sync%3Fuid%3D62d0f02505f708479ac249f0%26r%3Dhttps%253A%252F%252Fan.yandex.ru...
  • https://adx.com.ru/adspend-sync?uid=62d0f02505f708479ac249f0&r=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2FxLfmfLC7CYuqPY3fMXyGqW%3Fsign%3D293192260%26location%3Dhttps%253A%252F%252Ftop-fwz1.mai...
  • https://adx.com.ru/adspend-sync?confirm=true&r=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2FxLfmfLC7CYuqPY3fMXyGqW%3Fsign%3D293192260%26location%3Dhttps%253A%252F%252Ftop-fwz1.mail.ru%252Fcounter...
0
0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=434aa4f8-8d41-52c4-8d0d-e575efdd1550
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=434aa4f8-8d41-52c4-8d0d-e575efdd1550
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=434aa4f8-8d41-52c4-8d0d-e575efdd1550
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sync
odr.mookie1.com/t/v2/
Redirect Chain
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3D65bbbff9c617...
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=7f1c7e50-03f8-11ed-8d99-801844df107c
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=lemma&bsw_custom_parameter=45cccbf5-6903-473b-a282-e274468999e8&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=5357c672-9dd0-4579-8afd-e0b229d2198a&expires=1&user_group=2&ssp=lemma&bsw_param=45cccbf5-6903-473b-a282-e274468999e8
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=45cccbf5-6903-473b-a282-e274468999e8
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=7f1c7e50-03f8-11ed-8d99-801844df107c
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=45cccbf5-6903-473b-a282-e274468999e8&ssp=lemma&gdpr=&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=45cccbf5-6903-473b-a282-e274468999e8&ssp=lemma&gdpr=&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:14 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=45cccbf5-6903-473b-a282-e274468999e8&ssp=lemma&gdpr=&gdpr_consent=
Date
Fri, 15 Jul 2022 04:42:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ImgSync
image8.pubmatic.com/AdServer/ 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D65bbbff9c6174855a3d484c257899316
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:12 GMT
content-length
0
sfaf25.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/sfaf25.gif?puid=65bbbff9c6174855a3d484c257899316
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Jul 2022 04:42:13 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
32f540592c6f5d89e450bc780e487e2a.gif
cs.mobfox.com/ 		42 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=65bbbff9c6174855a3d484c257899316&redir=[RED]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.206 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
sync.html
s.console.adtarget.com.tr/ 		63 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=517350
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.147.130 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b7c43fd75a6ed3a267427a714feebb9a1e4ba350dc540ffb2cddb472ac27bc25

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
Adtelligent
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
http://zdorovia.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
63
idsync
idsync.admixer.co.kr/ 		43 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.admixer.co.kr:4450/idsync?pid=103&uid=65bbbff9c6174855a3d484c257899316
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.110.238.136 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15-Jul-2022 13:42:14 +0900
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control
private, max-age=0, no-cache, no-store
Connection
close
Content-Type
image/gif;
Content-Length
43
Expires
Mon, 01 Jan 2000 00:00:00 +0900
admixer
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=65bbbff9c6174855a3d484c257899316
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=65bbbff9c6174855a3d484c257899316
43 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=65bbbff9c6174855a3d484c257899316
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
176.9.81.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.69.81.9.176.clients.your-server.de
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
server
nginx
content-length
43
serverid
TODO
content-type
image/gif

Redirect headers

location
/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=65bbbff9c6174855a3d484c257899316
date
Fri, 15 Jul 2022 04:42:13 GMT
server
nginx
etag
W/"4ba4ff31b920ef73bb0f6c015d4e6fd2fa2c71e052b0abb0c61f8d96a9a8f66b"
content-length
122
serverid
TODO
content-type
text/html; charset=utf-8
N4rFdGHsBFu.js
static.xx.fbcdn.net/rsrc.php/v3/y-/r/ Frame B6EF 		153 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/N4rFdGHsBFu.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/wNWWb71hic0.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ca40cfa00bab0f2ca8c6c551585753463dfab71e2a956b1cd1cd0673b3c68079
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
LABBeHKp/QAnFBvcwSWHRA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
46102
x-fb-rlafr
0
x-fb-debug
xG6pNEC/5kz3JVyZ/sTnOTQoN1fh7CQBHOLl5PoJ5VjK38rx/g2TlW2a/pxZmCpDXe1xFLPFY/7mZT+s6i4dyA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 14 Jul 2023 20:40:58 GMT
loader2.js
scripts.go2net.com.ua/scripts3/ Frame 8137 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc16
date
Fri, 15 Jul 2022 04:42:13 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:23:59 GMT
server
nginx
etag
W/"6282425f-2c101"
x-cached-since
2022-07-13T13:08:16+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Tue, 05 Jul 2022 13:12:40 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame AD15 		164 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1cb44bfedc8fadd2d8900b325e7bebff8d2e5a8edcc86a827076be994c1d7e72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56534
x-xss-protection
0
server
cafe
etag
1133448304938872099
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 15 Jul 2022 04:42:13 GMT
media
a4p.adpartner.pro/ Frame 0C06
Redirect Chain
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e77074927673ee280742cc1fe5b0dcc1573c46a62cba02241540e3c9306ead1f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8

Redirect headers

Location
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
162
Content-Type
text/html
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB&am-uid=65bbbff9c6174855a3d484c257899316&cet=4&zone=93AE9D99-966B-415B-9964-9DC2489DA01F&rule=F3EF79B2-6D00-49A9-BD57-2DD742B532C5&requestId=31c2eb6b-8651-443c-b110-e39b29a29e7a&hp=1048539382&page=zdorovia.com.ua%2F&pvid=3aa302b9-e554-4552-a3cf-6f90b9d25d89&inst=ADS-EU-6&ts=637934569329633993&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB&am-uid=65bbbff9c6174855a3d484c257899316&cet=4&zone=CDADFE55-BA49-47D5-9918-CC04AA357B98&rule=F7CAC5CE-3E5F-4671-95C3-F259A87AC033&requestId=dfdc7eaa-0ca4-4ce0-9942-e983ae13d9aa&hp=1048539382&page=zdorovia.com.ua%2F&pvid=3aa302b9-e554-4552-a3cf-6f90b9d25d89&inst=ADS-EU-6&ts=637934569329633993&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
33ed3ee9-5008-4a55-8fac-ee7027ef5e1a.gif
content.admixer.net/test1/b9302d1f-8813-4b01-bc1e-b35b3abf1984/ Frame 8A2C 		962 KB
963 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.admixer.net/test1/b9302d1f-8813-4b01-bc1e-b35b3abf1984/33ed3ee9-5008-4a55-8fac-ee7027ef5e1a.gif
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
62.149.18.58 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
cc53243-01.cc.colocall.com
Software
nginx /
Resource Hash
ee696b794dc9fce2b6a169ba7ba59216c21715aef65897f4df19020d3ca26c82

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 05 Jul 2022 13:58:02 GMT
Server
nginx
ETag
"62c4436a-f09be"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
Cache-Control
max-age=31622400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
985534
Expires
Sun, 16 Jul 2023 04:42:13 GMT
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB&am-uid=65bbbff9c6174855a3d484c257899316&zone=2D179F8A-367F-49ED-9A1F-D77DEB57F009&device=28&rule=AC37E472-A7BC-417C-9557-81E776BB6B82&requestId=06339267-8cce-44aa-a76f-46b49dd4096f&hp=1048539382&page=zdorovia.com.ua%2F&segments=7%2C2%2C497&ts=637934569329633993&ap=MA%3D%3D&asign=-1991954904&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&sync=88&bt=3&carr=Iomart+Cloud+Services+Limited&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=5D3CBAA6-D0E0-46E1-BCB3-F86C6C80C2F1&inst=ADS-EU-6&pxl=0&pvid=3aa302b9-e554-4552-a3cf-6f90b9d25d89&ip=5.187.21.105&item=58A999AB-FCB6-49A0-8F11-2519D7D53A56&crid=58A999AB-FCB6-49A0-8F11-2519D7D53A56&size=300x250&profile=01AC75C7-DAC0-4514-9393-6F973B39E04C&isopt=0&adv=N%2FA&dsp=Admixer+Display&dmp_pr=MA%3D%3D&dstUrl=https%3A%2F%2Fbattlefront.vogue.ua%2Fen&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0&hold=1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
ads.go2net.com.ua/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=GB&am-uid=65bbbff9c6174855a3d484c257899316&cet=4&zone=ED2476D6-DC6A-46B4-B1F9-1613392C7015&rule=8CE3A43A-8167-46D4-BBE3-364D0CBC2653&requestId=f67c30ca-daf7-4793-8ae9-73e617a4294d&hp=1048539382&page=zdorovia.com.ua%2F&pvid=b6950edf-ec11-4554-beb6-dd38841bf030&inst=ADS-EU-6&ts=637934569329813617&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
background_empty.jpg
file.adpartner.pro/2297/2297845/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.adpartner.pro/2297/2297845/background_empty.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
last-modified
Fri, 03 Dec 2021 11:35:48 GMT
server
nginx
etag
"61aa0114-3439"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
13369
if
a4p.adpartner.pro/tracker/ Frame 5E53 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522e3459477-c829-457e-836f-f5a036560197%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25229a2e5c37-cd56-42e4-a9bc-b317af12bf6f%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A113%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25229a2e5c37-cd56-42e4-a9bc-b317af12bf6f%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Fri, 15 Jul 2022 04:42:13 GMT
expires
0
pragma
no-cache
server
nginx
/
www.facebook.com/platform/plugin/tab/renderer/ Frame B6EF 		82 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22348298842028226%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F%22%2C%22width%22%3A300%2C%22height%22%3A600%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Atrue%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Afalse%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22http%3A%2F%2Fzdorovia.com.ua%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__dyn=7wKxa13wt8K2WmhwRwqo98nwgU6C7UW3q320-E7W0TUhwem0nCq1ewcG0KE33wooa81Vrzo5-0me0sy0SU2swdq0Ho2ewnE3fw6iw4vwbS1Lw&__csr=&__req=1&__hs=19188.BP%3Aplugin_default_pkg.2.0.0.0.0&dpr=1&__ccg=EXCELLENT&__rev=1005848325&__s=%3A%3Avxnlvl&__hsi=7120455048316686998&__comet_req=0&__sp=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/yc/l/en_GB/1oWx5JjuZQ5.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8fd980eb0bdafd95bbee0e8c7a44552d6ecaed72f6efa790de83c110af020501
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
QSam453rZzE7LptpUNb6NK
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
nQM/Fqpzs9FdZ7cWhYPOUP5yqwOOvJHG/pmmx6K7ohYG9LuM6onz5U6s9B0Z5OAM0/SnhxKv4rhaCTX1vGoquw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 15 Jul 2022 04:42:13 GMT
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/platform/plugin/page/logging/ Frame B6EF 		975 B
591 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/page/logging/
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/yc/l/en_GB/1oWx5JjuZQ5.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c5525d7e2a582b22a4406e463c27f0ca5dcfdb91fd221f05af6e3f66274bcccc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
QSam453rZzE7LptpUNb6NK
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
s70xQDwuloGKRkLFiA5Hx7cNv2E1S17+nEtfNuq2RcY/ckTNr3WzEtHac1Siz34pQ/Xk7LPyM9u9CMcaVWjn5w==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 15 Jul 2022 04:42:13 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixelSync
pixel.sitescout.com/dmp/ Frame 6AA8 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Df2c5a682b01d5638
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:13 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
prebid
rtb.openx.net/sync/ Frame 6AA8 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Df2c5a682b01d5638%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:12 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
bis7pj2q5k2dah38uatia3ci11tcf0al
ptag
a.audrte.com/ Frame 6AA8 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.179.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-179-244.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
f32f2c6ae994c6281a3a6b532e38957c475a705737e72d4d5ca2542167f74241

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1681
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 6AA8 		566 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:12 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 14 Jul 2027 04:42:12 GMT
um
u-ams02.e-planning.net/ Frame 6AA8
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Df2c5a682b01d5638%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=f2c5a682b01d5638&uid=7012578570036581631
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=f2c5a682b01d5638&uid=7012578570036581631
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 04:42:13 GMT
X-Proxy-Origin
5.187.21.105; 5.187.21.105; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
e33fdbe4-3c12-44a9-91a6-deb1dfbc3236
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=f2c5a682b01d5638&uid=7012578570036581631
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
onuUJj0tCqE.png
static.xx.fbcdn.net/rsrc.php/v3/y2/r/ Frame B6EF 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y2/r/onuUJj0tCqE.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/TnMRGlS2O2-.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5f71fcc2d00d22ffd4d9a07b64c435f88de80893f838fa64a45c386cbba0c601
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/TnMRGlS2O2-.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
x-content-type-options
nosniff
content-md5
OK0dmVpVmdoMRpKMP9eDcg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
3944
x-fb-rlafr
0
x-fb-debug
gE0jdyBrjsG6Q+Rv+D/unzisbYvhEMOdotX+4QsuMbJkbb/hfAWPbSsPd6AQoErYqNcu3lHRKxNUMHory7pJmQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Sat, 08 Jul 2023 01:58:31 GMT
usync.html
eus.rubiconproject.com/ Frame D3A9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Jul 2022 04:42:13 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 15 Jul 2022 04:42:13 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F80F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Df2c5a682b01d5638%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=107481
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 04:42:13 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Jul 2022 10:33:34 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame AA82 		1 KB
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
136831
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Fri, 15 Jul 2022 04:42:13 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 18 May 2027 11:39:16 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
31a2af28ecdecfec30ec46de3be0e9db
x-cf-tsc
1653097189
x-cf1
29080:fA.lon1:co:1585621119:cacheN.lon1-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame 2C74 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 0BB3 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba5ffcbfecd11aa47e6133e8737d5869646ec8c7398e4669909d8001b0ef00b9

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
72afd489d939885f-LHR
content-encoding
br
content-type
text/html
date
Fri, 15 Jul 2022 04:42:13 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
c.html
cdn.admixer.net/scripts3/46506/ Frame 7303 		738 B
419 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Fri, 15 Jul 2022 04:42:13 GMT
etag
W/"62824272-2e2"
expires
Sat, 15 Jul 2023 08:50:17 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-07-14T08:50:17+00:00
x-id
fr5-up-gc32
loader2.js
scripts.go2net.com.ua/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
660f1ec2ca083ed857b96387b81608a1baa10a8556f36b943ed68c96945e24d1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc16
date
Fri, 15 Jul 2022 04:42:13 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:23:59 GMT
server
nginx
etag
W/"6282425f-2c101"
x-cached-since
2022-07-13T13:08:16+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Tue, 05 Jul 2022 13:12:40 GMT
dsp.aspx
ads.go2net.com.ua/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=956749079710856.9&cpv=ddef350c-ccba-9bb5-9758-330c65ace87c&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22776a0004-aa0e-5233-c1d7-9a3980d431d6%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226194b441-502e-1b62-8796-5f6cd38c1e08%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
61993b10e55e3f95218821fe7004ac69af070de5d270b41facdd53773a3ffd69
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
2040
X-Xss-Protection
0
c.html
cdn.admixer.net/scripts3/46506/ Frame 72F2 		738 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Fri, 15 Jul 2022 04:42:13 GMT
etag
W/"62824272-2e2"
expires
Sat, 15 Jul 2023 08:50:17 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-07-14T08:50:17+00:00
x-id
fr5-up-gc32
OZcLupMIkEN.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame B6EF 		279 B
243 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/wNWWb71hic0.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
16089cad50034af52ebca1e2e7c310f76b4b6f625b89ad07d5b59ff377f332b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QusOzUJEj2HVYgmawONobw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
189
x-fb-rlafr
0
x-fb-debug
D98rjlhr9LJbtPOuf6hjJH+ItNBE6U9qI/i/ORjCDRg6D2Tb2Ui6LQptSM5gsTcwArNU2eoS7Xs99gZ3sGpVbA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 13 Jul 2023 19:33:01 GMT
getuid
ib.adnxs.com/ Frame 0BB3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 0BB3 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 0BB3
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=0e894567-2a42-4f4e-8fa3-9ca12336b0b9&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=0e894567-2a42-4f4e-8fa3-9ca12336b0b9&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72afd48b6c0f885f-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=0e894567-2a42-4f4e-8fa3-9ca12336b0b9&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
date
Fri, 15 Jul 2022 04:42:13 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 0BB3 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:13 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 0BB3 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da45e46b2-d097-4464-52dd-fc19d41675f1%26reqId%3D6965f34f-541c-4a57-5038-09813194db31%26zdid%3D1361&gdpr=0&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame 0BB3 		0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Fri, 15 Jul 2022 04:42:13 GMT
via
1.1 varnish
server
nginx
x-timer
S1657860134.569872,VS0,VE8
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-lhr7338-LHR
u
dmp.v.fwmrm.net/ad/ Frame 0BB3 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f607:76e2:e824:b454:65c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 04:42:13 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 0BB3 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da45e46b2-d097-4464-52dd-fc19d41675f1%26reqId%3D6965f34f-541c-4a57-5038-09813194db31%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 0BB3
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=e11036df-95b7-47e9-8223-e4ac4286451a&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=e11036df-95b7-47e9-8223-e4ac4286451a&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72afd48b9c49885f-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=e11036df-95b7-47e9-8223-e4ac4286451a&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Fri, 15 Jul 2022 04:42:13 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 0BB3
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=a45e46b2-d097-4464-52dd-fc19d41675f1&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=a45e46b2-d097-4464-52dd-fc19d41675f1&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=87518306800439974270304140451458610651&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=87518306800439974270304140451458610651&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72afd48bcc90885f-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v036-05d78f288.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
hIZ03DCCTMc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=87518306800439974270304140451458610651&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 0BB3 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 0BB3
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7120455052589660315&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-...
95 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7120455052589660315&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72afd48b5bd9885f-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7120455052589660315&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame 0BB3 		95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=a45e46b2-d097-4464-52dd-fc19d41675f1
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 0BB3
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a45e46b2-d097-4464-52dd-fc19d41675f1&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a45e46b2-d097-4464-52dd-fc19d41675f1&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=fqkbeDFg8JB4Oc/q.ihJBu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=fqkbeDFg8JB4Oc/q.ihJBu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72afd48c4d49885f-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:13 GMT
via
1.1 google
last-modified
Fri, 15 Jul 2022 04:42:13 GMT
server
Weborama Collect Frontend
location
https://mwzeom.zeotap.com/mw?webouuid=fqkbeDFg8JB4Oc/q.ihJBu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 0BB3
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%...
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd...
  • https://mwzeom.zeotap.com/mw?cid=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72afd48c2d13885f-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=
pragma
no-cache
date
Fri, 15 Jul 2022 04:42:13 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
mw
mwzeom.zeotap.com/ Frame 0BB3
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=a45e46b2-d097-4464-52dd-fc19d41675f1?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventTyp...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=a45e46b2-d097-4464-52dd-fc19d41675f1?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eve...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-503...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72afd48c2d0d885f-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:13 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
expires
0
cache-control
no-cache
x-server
10.45.4.140
content-length
0
x-consent
absent
mw
mwzeom.zeotap.com/ Frame 0BB3
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-Cxc.mvZE2oqgwnWCasG2cgNfG0dblvnFpw--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-Cxc.mvZE2oqgwnWCasG2cgNfG0dblvnFpw--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72afd48c2d1a885f-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

date
Fri, 15 Jul 2022 04:42:13 GMT
via
http/1.1 spdc0108.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-Cxc.mvZE2oqgwnWCasG2cgNfG0dblvnFpw--~A&zpartnerid=570&env=mWeb
content-length
0
mw
mwzeom.zeotap.com/ Frame 0BB3
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=ZT%2FyN%2BHo8kQdaZqrNtLodWbPjytHOfGx%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=ZT%2FyN%2BHo8kQdaZqrNtLodWbPjytHOfGx%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72afd48c6d7f885f-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:13 GMT
server
AAWebServer
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=ZT%2FyN%2BHo8kQdaZqrNtLodWbPjytHOfGx%2BS41iYitP1U%3D
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame 0BB3 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=a45e46b2-d097-4464-52dd-fc19d41675f1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:13 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 0BB3 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.204.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-204-3.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1657860133
x-served-by
beacon-n024-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 0BB3 		95 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=a45e46b2-d097-4464-52dd-fc19d41675f1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.223.79.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 0BB3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YtDwJQAQPqxDMgAj&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-098...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YtDwJQAQPqxDMgAj&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361&_test=YtDwJQAQPqxDMgAj
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72afd48e2ff8885f-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:14 GMT
via
1.1 varnish
server
Varnish
x-timer
S1657860134.050973,VS0,VE0
x-served-by
cache-lcy19256-LCY
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YtDwJQAQPqxDMgAj&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361&_test=YtDwJQAQPqxDMgAj
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 0BB3
Redirect Chain
  • https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-54...
  • https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.cea7637b-7e53-4168-8a54-8a87c0e4da51&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.cea7637b-7e53-4168-8a54-8a87c0e4da51&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72afd48dcf71885f-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:13 GMT
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
location
https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.cea7637b-7e53-4168-8a54-8a87c0e4da51&zdid=1361
cache-control
must-revalidate, no-store, no-cache
content-length
0
x-amz-cf-id
0Q3v8Y1vmzIqgDDEpejs-XPrkva33kfB97R_GbS727HgvtVzP4JTRg==
expires
-1
usermatch.gif
beacon.krxd.net/ Frame 0BB3
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
34.255.204.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-204-3.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1657860134
x-served-by
beacon-n001-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
date
Fri, 15 Jul 2022 04:42:14 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a001-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 0BB3
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a45e46b2-d097-4464-52dd-fc19d41675f1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52d...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a45e46b2-d097-4464-52dd-fc19d41675f1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52d...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a45e46b2-d097-4464-52dd-fc19d41675f1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 04:42:14 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
GMAKN3K6XVVS80XESWJN
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 04:42:13 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
GBKMHGRXCYBZXTQR3QGD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a45e46b2-d097-4464-52dd-fc19d41675f1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 0BB3 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=a45e46b2-d097-4464-52dd-fc19d41675f1&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 0BB3
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da45e4...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
95 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72afd48daf3a885f-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
date
Fri, 15 Jul 2022 04:42:13 GMT
cross-origin-resource-policy
cross-origin
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame F80F 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=56066453&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Df2c5a682b01d5638%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:12 GMT
content-length
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame BF27 		164 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cdb4d6ddd0b7546060e89e7b41ce0286543bc52498adbfe0a727cb8dfeffbd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Fri, 15 Jul 2022 04:42:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
1810089404044510626
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
56536
X-XSS-Protection
0
Expires
Fri, 15 Jul 2022 04:42:14 GMT
ev_prebid.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_prebid.aspx?cc=GB&am-uid=65bbbff9c6174855a3d484c257899316&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&device=28&rule=323CA158-54EA-47F4-83D3-BA5C22D4CCE1&requestId=1cf0558d-9d9e-48c3-b7ac-9970cef9a1f0&hp=1048539382&page=zdorovia.com.ua%2F&segments=7%2C2%2C497&ts=637934569329813617&ap=MA%3D%3D&asign=-1013913646&sync=96%2C88%2C98%2C3%2C80%2C57&bt=3&carr=Iomart+Cloud+Services+Limited&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=E4391929-8523-47EC-9B3C-357AB8574452&inst=ADS-EU-6&pxl=0&pvid=b6950edf-ec11-4554-beb6-dd38841bf030&ip=5.187.21.105&item=F34E2A12-1873-45CF-A327-13F884B02F8C&crid=F34E2A12-1873-45CF-A327-13F884B02F8C&size=240x350&profile=4C02EB63-7790-4196-82B4-5362F7AB3A87&isopt=0&adv=N%2FA&dsp=Adform&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Jul 2022 04:42:14 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_view.aspx
ads.go2net.com.ua/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=GB&am-uid=65bbbff9c6174855a3d484c257899316&cet=4&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&rule=8031EB30-F8BC-4C42-B0CE-47540A4C2D9E&requestId=1cf0558d-9d9e-48c3-b7ac-9970cef9a1f0&hp=1048539382&page=zdorovia.com.ua%2F&pvid=b6950edf-ec11-4554-beb6-dd38841bf030&inst=ADS-EU-6&ts=637934569329813617&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
/
www.facebook.com/login/ Frame B6EF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FZdoroviacomua%252F%26tabs%3Dtimeline%26width%3D300%26height%3D600%26small_header%3Dtrue%26adapt_container_width%3Dtrue%26hide_cover%3Dtrue%26show_facepile%3Dtrue%26appId%3D348298842028226
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/wNWWb71hic0.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Fri, 15 Jul 2022 04:42:13 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=0
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
wkvWBMgP9zgPZ2BHMj5ILNMUEr2Pl8CZ80I25E8sg87rU3brLyDpCPcEkccX2954jVCrbfrpT4RJ8bQFCHL8Zw==
x-fb-rlafr
0
x-frame-options
DENY
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame D3A9 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14720
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Fri, 15 Jul 2022 08:47:33 GMT
nLzDIgAFZ7u.css
static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/ Frame B6EF 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/nLzDIgAFZ7u.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/wNWWb71hic0.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4a022ea00ec5e520fa6a35b04699c1abe95a85c768e2f4d586da157f554a918c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
+KxRmY95f/QM4HSv8rwVgA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
2786
x-fb-rlafr
0
x-fb-debug
+ZqwMRNypjn3AgdPuV2tmTAmm51qclFTPEc5M+km1kZFMHsa/XQgYMKBJWAQe5w7kAwRi0lYcrCGZWyjHPd5vA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 14 Jul 2023 16:02:59 GMT
HFlDxfCWyF5.css
static.xx.fbcdn.net/rsrc.php/v3/yb/l/0,cross/ Frame B6EF 		40 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yb/l/0,cross/HFlDxfCWyF5.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/wNWWb71hic0.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
88a590e51779b887e7b9f870990da99b5b7535a977e3b24bbabbaf5582a8f04a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mevbmGiFUnUNdVuFHpMHEg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7590
x-fb-rlafr
0
x-fb-debug
9myEUCtgM7LlY3pkpVk5QJ9eykWubnvzvdJbWzUNrzFezXjktEVq6iR9FBYgWS1K9aWh1rL8rmQyIMCnnZma5A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 14 Jul 2023 16:06:10 GMT
HGo2U4bbmk6.css
static.xx.fbcdn.net/rsrc.php/v3/yj/l/0,cross/ Frame B6EF 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yj/l/0,cross/HGo2U4bbmk6.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/wNWWb71hic0.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a7d5480dda0053c5009b34a22884c2a650ba2e2ccaf87bba0c84f103eb509246
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
c35Q8f7oNPtvfhnRoMq8vw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
5587
x-fb-rlafr
0
x-fb-debug
huvyLkGo0ZIGLZgBBbKfC9Y3JktUbOj4eM6rhb+hoOty1B1Gb4oQCzHkz+cA9X927EOY/kW3ZoOeJisohKaXDQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=0
expires
Mon, 10 Jul 2023 15:36:15 GMT
truncated
/ Frame B6EF 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
Ff7zec8XHEM.css
static.xx.fbcdn.net/rsrc.php/v3/yc/l/0,cross/ Frame B6EF 		2 KB
847 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yc/l/0,cross/Ff7zec8XHEM.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/wNWWb71hic0.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d32b16e63147d591c68210d3bd219c74cca0a21444e37e8f1d678f68b2ac4c7f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
NDn/shriDVePd5+itPuogg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
793
x-fb-rlafr
0
x-fb-debug
FFjOlVlC3BR1GXEo1xwpAU/HqC38IcB8hyBtIqjduhMEvLyKFpLveevYMyPd9QX1d82B/lH99ErO7csiZ1oH1Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=0
expires
Thu, 06 Jul 2023 18:40:39 GMT
truncated
/ Frame B6EF 		516 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0592d1c43cb957f92dbb1ff08240a1c8faabc1eeb9e7186be2ce918dfd53da6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
qWrbV3h8y_6.js
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame B6EF 		62 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/qWrbV3h8y_6.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/wNWWb71hic0.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
05f1be10987e6c7de2d4e0f7bb623161fd090825338ac42d709f400840d6d168
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
iBYo6LDbX8y4OTlVHXZ2pw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
16311
x-fb-rlafr
0
x-fb-debug
m76x8s+HDkqQoqkr54dZrtpj9+3KLFKCbaIeGU29ynXU5FY5A8/eKUZqCnMQsQXZFVtX9u1Oc/sDQRw/7Fmmcw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 14 Jul 2023 02:36:22 GMT
OZd9PYwe-cU.js
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ Frame B6EF 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/OZd9PYwe-cU.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/wNWWb71hic0.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
163ea8142b50e59a0f45a83e14ad5cc51ec2fff2635c48772cab915dfd36a2d5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
otFwlZ1MUQ47m3eVnKd0aA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4977
x-fb-rlafr
0
x-fb-debug
1CixHX6K9WghZbBMJvBz0glYklub6noNNoPOG5APdoB2591vIbIzmdS0ieix9+Pt8NGNQkLENYHBTbPkZg5iBQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 08 Jul 2023 01:04:01 GMT
9I3yKjaeutr.js
static.xx.fbcdn.net/rsrc.php/v3ibcU4/yb/l/en_GB/ Frame B6EF 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ibcU4/yb/l/en_GB/9I3yKjaeutr.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/wNWWb71hic0.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d7305ae60000c255800d67100edf03d249fff76313f57d673e8b7c66a31afbff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
EwalGEQd31Gxf5inhbXsKg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7367
x-fb-rlafr
0
x-fb-debug
uoF32/rE/657+tHSRUdxPpS1ZgDAo54ddWSgcIJ3RijWEHwCuDpMe5iFzNaQbKbkB2fnoGKhoUUWwJJ5jmkXWQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Tue, 11 Jul 2023 22:03:48 GMT
UE6tRXR4ZUa.js
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame B6EF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/UE6tRXR4ZUa.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/wNWWb71hic0.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f976f171923cc1ae4aad0617193dfca0addd7f4211cee228a0fe2738c120e097
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
kOCQv5lL0QyFww6qJAJxfw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1208
x-fb-rlafr
0
x-fb-debug
DJmDyhxs48Sk1duSbo0OMXWZKpFep0j5fM0OYseu/eM4HuGHEWUAo/QpifMosTajPck/oeLd0SohJIPRCU8SDA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 13 Jul 2023 18:57:21 GMT
MDNj1eUK5bV.js
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame B6EF 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/MDNj1eUK5bV.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/wNWWb71hic0.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
de196fa938446c7486bcecc14b72919df6f78871a4af22c4f168a2785a0139ff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
+krRjR/Db6iONoDCDh0aYQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
10426
x-fb-rlafr
0
x-fb-debug
kPCQVPYVjtDUavchAKV6fupVoxeYvstgWc3nG4/Ju3Cvq/Yt9UTOAm3Z452fUOu/PLZM/UxCZogwdRgoiSNuMA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Thu, 13 Jul 2023 16:53:50 GMT
khaos.jpg
token.rubiconproject.com/ Frame D3A9 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
293782845_3241020246113263_527680186975967668_n.jpg
scontent-lcy1-1.xx.fbcdn.net/v/t39.30808-6/ Frame B6EF 		0
0
26169268_2027047760843857_7213779766090150706_n.png
scontent-lcy1-1.xx.fbcdn.net/v/t1.18169-1/ Frame B6EF 		0
0
293509182_3240015102880444_1210854309035784493_n.jpg
scontent-lcy1-1.xx.fbcdn.net/v/t39.30808-6/ Frame B6EF 		0
0
292685860_7706041442802219_6845189530785313195_n.jpg
scontent-lcy1-1.xx.fbcdn.net/v/t39.30808-6/ Frame B6EF 		0
0
293544104_3239295396285748_565057931842089787_n.jpg
scontent-lcy1-1.xx.fbcdn.net/v/t39.30808-6/ Frame B6EF 		0
0
293211523_3238396819708939_1546056096651548142_n.jpg
scontent-lcy1-1.xx.fbcdn.net/v/t39.30808-6/ Frame B6EF 		0
0
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 6AA8 		47 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
074691f1175a4040f292124afbff0c87cd24290b7b9672577f33b7c7de205384

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 14 Jul 2022 12:57:02 GMT
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
last-modified
Wed, 15 Jun 2022 17:05:13 GMT
server
AmazonS3
age
56712
etag
"a31a707739fd82541fa40e577dbbfede"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
48227
x-amz-cf-id
w89SDE7p0NFXmjn0lL-JKCTHL0yh0ALFh0xLiQH5RWC5jxAJganBpw==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame BFCD 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Fri, 15 Jul 2022 04:42:13 GMT
etag
W/"601b131c-27c"
expires
Wed, 14 Jul 2027 04:42:13 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
adxcm.aspx
inv-nets.admixer.net/ Frame ACE9 		43 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AEkNB%2f7HoCrYZdka
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 15 Jul 2022 04:42:13 GMT
Keep-Alive
timeout=25
P3p
CP="NID DSP ALL COR"
Server
nginx
X-Xss-Protection
0
GS.d
js.cookieless-data.com/ Frame BFCD 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1657860133785
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-115.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame D3A9 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif
/
ads.us.e-planning.net/uspd/1/ Frame 8890 		2 KB
967 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
c711092f3482c9574a7540014b20d7ef1e5c71f5de35c0aaebaa3692208599ab

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Fri, 15 Jul 2022 04:42:13 GMT
expires
Fri, 15 Jul 2022 04:42:13 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-606
sync.html
s.adtelligent.com/ Frame AD3B 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.194 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
9c79af78cb324a3ca6c879d38313c4eb4025972decd05170d88f4b486f43acef

Request headers

Referer
https://s.adtelligent.com/sync.html?aid=707176
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
783
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
Adtelligent
X-Robots-Tag
noindex
d
ic.tynt.com/r/ Frame 6377 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Fri, 15 Jul 2022 04:42:14 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
csync
sync.adtelligent.com/ Frame EDCE
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=a833012d-a343-4544-baa6-a0b5bac250ee
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=a833012d-a343-4544-baa6-a0b5bac250ee
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Fri, 15 Jul 2022 04:42:13 GMT
Etag
294910862b220adf
Server
VertaMedia 1.0

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72afd48d1b8b8865-LHR
content-length
0
date
Fri, 15 Jul 2022 04:42:13 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=a833012d-a343-4544-baa6-a0b5bac250ee
server
cloudflare
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 00C4 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=107481
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 04:42:13 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Jul 2022 10:33:34 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 5C01 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync.html
s.console.adtarget.com.tr/ Frame 28CB 		1 KB
1004 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.147.130 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
699
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
Adtelligent
X-Robots-Tag
noindex
csync
sync.adtelligent.com/ Frame 9309
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7012578570036581631
0
390 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7012578570036581631
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Fri, 15 Jul 2022 04:42:13 GMT
Etag
294910862b220adf
Server
VertaMedia 1.0

Redirect headers

AN-X-Request-Uuid
3ecf9728-57ac-4b81-87f2-8a87e50a976e
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Fri, 15 Jul 2022 04:42:13 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7012578570036581631
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
5.187.21.105; 5.187.21.105; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
csync
sync.adtelligent.com/ Frame 85BD
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=57b7ea1e-732f-4063-8f9a-7d6af9e4bed9
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=57b7ea1e-732f-4063-8f9a-7d6af9e4bed9
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
VertaMedia 1.0
Etag
294910862b220adf
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:13 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=57b7ea1e-732f-4063-8f9a-7d6af9e4bed9
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
kfubma4fgi74re6ag894aei9d1emab03
generic
match.adsrvr.org/track/cmf/ Frame 85BD
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1657860133959
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5526020835
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5526020835
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:14 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:14 GMT
etag
RX5ee5cf7514e8454288f5eb67f82655f5003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5526020835
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
expires
0
pixel
ap.lijit.com/ Frame 85BD 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Jul 2022 04:42:13 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/ Frame 85BD
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=abd8075a-d4e9-404a-b090-b88c5d6258e1
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=abd8075a-d4e9-404a-b090-b88c5d6258e1
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
VertaMedia 1.0
Etag
294910862b220adf
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=abd8075a-d4e9-404a-b090-b88c5d6258e1
date
Fri, 15 Jul 2022 04:42:14 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
csync
sync.adtelligent.com/ Frame 85BD
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=e3459477-c829-457e-836f-f5a036560197
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=e3459477-c829-457e-836f-f5a036560197
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
VertaMedia 1.0
Etag
294910862b220adf
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=e3459477-c829-457e-836f-f5a036560197
date
Fri, 15 Jul 2022 04:42:13 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
csync
sync.adtelligent.com/ Frame 85BD
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7012578570036581631
0
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7012578570036581631
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
VertaMedia 1.0
Etag
294910862b220adf
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 04:42:13 GMT
X-Proxy-Origin
5.187.21.105; 5.187.21.105; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
05c16181-1fd5-465d-8846-54af13a43197
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7012578570036581631
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
vid.vidoomy.com/ Frame 85BD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
csync
sync.adtelligent.com/ Frame 85BD
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=65bbbff9c6174855a3d484c257899316
0
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=65bbbff9c6174855a3d484c257899316
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
VertaMedia 1.0
Etag
294910862b220adf
Content-Length
0

Redirect headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=65bbbff9c6174855a3d484c257899316
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
media.min.js
a4p.adpartner.pro/apstc/ Frame 0C06 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.423
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
cache-control
no-store no-transform
last-modified
Tue, 15 Mar 2022 16:47:24 GMT
server
nginx
content-encoding
br
etag
W/"6230c31c-3ac0"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame 9CC9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=2&session_id=441874ed-c09c-414b-9921-d5c96b8df727&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Fri, 15 Jul 2022 04:42:14 GMT
server
nginx
ls
a4p.adpartner.pro/media/ Frame 38F6 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=e3459477-c829-457e-836f-f5a036560197&session_pageview=2&session_id=441874ed-c09c-414b-9921-d5c96b8df727&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
3df4dcfff12a085fde3db45a708fbec81151d0a406dbcb9a8674fe9a7926c70f

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 15 Jul 2022 04:42:13 GMT
server
nginx
pixelSync
pixel.sitescout.com/dmp/ Frame 8890 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Df2c5a682b01d5638
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:13 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
prebid
rtb.openx.net/sync/ Frame 8890 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Df2c5a682b01d5638%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:13 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
2ohq5pmhjrteokvvro5dfpbcpf0dk8g9
ptag
a.audrte.com/ Frame 8890 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.179.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-179-244.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
f32f2c6ae994c6281a3a6b532e38957c475a705737e72d4d5ca2542167f74241

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1681
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 8890 		566 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 14 Jul 2027 04:42:13 GMT
um
u-ams02.e-planning.net/ Frame 8890
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Df2c5a682b01d5638%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=f2c5a682b01d5638&uid=7012578570036581631
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=f2c5a682b01d5638&uid=7012578570036581631
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 04:42:13 GMT
X-Proxy-Origin
5.187.21.105; 5.187.21.105; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
ebaa0a60-aab5-4cb8-942a-b2bc12745e53
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=f2c5a682b01d5638&uid=7012578570036581631
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 86C6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Jul 2022 04:42:13 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 15 Jul 2022 04:42:13 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 81E8 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Df2c5a682b01d5638%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=107481
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 04:42:13 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Jul 2022 10:33:34 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 61CA 		1 KB
1002 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
136831
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Fri, 15 Jul 2022 04:42:13 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 18 May 2027 11:39:16 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
c26e09db2126a29a4bc5d055cc34584c
x-cf-tsc
1653097189
x-cf1
29080:fA.lon1:co:1585621119:cacheN.lon1-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame 0516 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 02B2 		322 B
671 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cc94c8531f5ea5e83fe64e0efbbf6563f5d5821af92e791998ac7a7b388d386

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
72afd48cfe4e885f-LHR
content-encoding
br
content-type
text/html
date
Fri, 15 Jul 2022 04:42:13 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/ Frame AD15 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
776ecaf919fd0a84f66e632f224c9105c5f84c1ff505d1ac48ab712063db8bfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122414
x-xss-protection
0
server
cafe
etag
13718547470157664147
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 15 Jul 2022 04:42:14 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/ Frame A4E9 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
82499
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 14 Jul 2022 05:47:15 GMT
etag
10429905676100781186
expires
Thu, 28 Jul 2022 05:47:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
33ed3ee9-5008-4a55-8fac-ee7027ef5e1a.gif
content.admixer.net/test1/b9302d1f-8813-4b01-bc1e-b35b3abf1984/ Frame 8A2C 		962 KB
963 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.admixer.net/test1/b9302d1f-8813-4b01-bc1e-b35b3abf1984/33ed3ee9-5008-4a55-8fac-ee7027ef5e1a.gif
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
62.149.18.58 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
cc53243-01.cc.colocall.com
Software
nginx /
Resource Hash
ee696b794dc9fce2b6a169ba7ba59216c21715aef65897f4df19020d3ca26c82

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 05 Jul 2022 13:58:02 GMT
Server
nginx
ETag
"62c4436a-f09be"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
Cache-Control
max-age=31622400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
985534
Expires
Sun, 16 Jul 2023 04:42:14 GMT
mw
mwzeom.zeotap.com/ Frame 02B2
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da45e4...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=a66f9c3d-a5f4-4114-730a-b57cddf9d4ce&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=a66f9c3d-a5f4-4114-730a-b57cddf9d4ce&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72afd48e2ffe885f-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=a66f9c3d-a5f4-4114-730a-b57cddf9d4ce&zdid=1361
date
Fri, 15 Jul 2022 04:42:14 GMT
cross-origin-resource-policy
cross-origin
content-length
0
usync.js
eus.rubiconproject.com/ Frame 86C6 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14719
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Fri, 15 Jul 2022 08:47:33 GMT
media
a4p.adpartner.pro/ Frame 38F6 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?id=7434&session_id=441874ed-c09c-414b-9921-d5c96b8df727&session_pageview=2&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=e3459477-c829-457e-836f-f5a036560197&session_pageview=2&session_id=441874ed-c09c-414b-9921-d5c96b8df727&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
76833df9b53e2f8a2563d9a2ea0f06dbeca97a6f778ca09eb129091294c6f976

Request headers

Referer
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=e3459477-c829-457e-836f-f5a036560197&session_pageview=2&session_id=441874ed-c09c-414b-9921-d5c96b8df727&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2768 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=107480
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 04:42:14 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Jul 2022 10:33:34 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 6557
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Jul 2022 04:42:14 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 15 Jul 2022 04:42:14 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184-d
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 0EDD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame AD3B 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
VertaMedia 1.0
Etag
294910862b220adf
Content-Length
43
Content-Type
image/gif
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 8890 		47 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
074691f1175a4040f292124afbff0c87cd24290b7b9672577f33b7c7de205384

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 14 Jul 2022 12:57:02 GMT
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
last-modified
Wed, 15 Jun 2022 17:05:13 GMT
server
AmazonS3
age
56713
etag
"a31a707739fd82541fa40e577dbbfede"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
48227
x-amz-cf-id
C16nuXj-rNChXWgde2P9zj8-R-GIlykvUQbkXldf_Ry1ZnDpoufh-g==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 7873 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Fri, 15 Jul 2022 04:42:13 GMT
etag
W/"601b131c-27c"
expires
Wed, 14 Jul 2027 04:42:13 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
csync
sync.adtelligent.com/ Frame 608B 		0
387 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AEkNB%2f7HoCrYZdka
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Fri, 15 Jul 2022 04:42:13 GMT
Etag
1ea3bd3359de0582
Server
VertaMedia 1.0
media
a4p.adpartner.pro/ Frame CDCB
Redirect Chain
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e77074927673ee280742cc1fe5b0dcc1573c46a62cba02241540e3c9306ead1f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8

Redirect headers

Location
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
162
Content-Type
text/html
32f540592c6f5d89e450bc780e487e2a.gif
cs.mobfox.com/ 		42 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=65bbbff9c6174855a3d484c257899316&redir=[RED]
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.206 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cm-notify
creativecdn.com/ 		42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creativecdn.com/cm-notify?pi=admixer
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:14 GMT, Fri, 15 Jul 2022 04:42:14 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT
pic.gif
pa.tns-ua.com/bug/ 		56 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=65bbbff9c6174855a3d484c257899316
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.13.0
content-type
image/gif
expires
-1
setuid
ib.adnxs.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=533&code=65bbbff9c6174855a3d484c257899316
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 04:42:14 GMT
X-Proxy-Origin
5.187.21.105; 5.187.21.105; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
ce706e64-0765-41d0-b038-a5a1e92bdbeb
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
t.adx.opera.com/ 		35 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60022&uid=65bbbff9c6174855a3d484c257899316
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:14 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sync.html
s.adtelligent.com/ Frame 5B48 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=707176
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=956749079710856.9&cpv=ddef350c-ccba-9bb5-9758-330c65ace87c&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22776a0004-aa0e-5233-c1d7-9a3980d431d6%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226194b441-502e-1b62-8796-5f6cd38c1e08%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.194 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
afb83ff583bb444deeb887ca1f8ebc6b04319bc0308fa0c9e37b6245ea8ed94d

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
http://zdorovia.com.ua
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1274
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
Adtelligent
X-Robots-Tag
noindex
55453de97a118ce9
ads.us.e-planning.net/uspd/1/ Frame 72DD 		2 KB
996 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=956749079710856.9&cpv=ddef350c-ccba-9bb5-9758-330c65ace87c&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22776a0004-aa0e-5233-c1d7-9a3980d431d6%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226194b441-502e-1b62-8796-5f6cd38c1e08%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
0af3b5f1b3525eb435c6c18b464a06700807890793fcbc2eef5d3f24487791f0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Fri, 15 Jul 2022 04:42:14 GMT
expires
Fri, 15 Jul 2022 04:42:14 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-606
/
onetag-sys.com/usync/ Frame D76A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59d216e971852f2
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=956749079710856.9&cpv=ddef350c-ccba-9bb5-9758-330c65ace87c&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22776a0004-aa0e-5233-c1d7-9a3980d431d6%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226194b441-502e-1b62-8796-5f6cd38c1e08%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
ev_view.aspx
ads.go2net.com.ua/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=GB&am-uid=65bbbff9c6174855a3d484c257899316&cet=4&zone=ED2476D6-DC6A-46B4-B1F9-1613392C7015&rule=8CE3A43A-8167-46D4-BBE3-364D0CBC2653&requestId=38d9fd00-3cde-48a9-91fd-1d878c7d78d5&hp=1048539382&page=zdorovia.com.ua%2F&pvid=b6950edf-ec11-4554-beb6-dd38841bf030&inst=ADS-EU-6&ts=637934569339867070&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ImgSync
image8.pubmatic.com/AdServer/ 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:12 GMT
content-length
0
mmr445.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/mmr445.gif?gdpr=&gdpr_consent=[GDPRConsent]&us_privacy=[USPrivacy]&coppa=[COPPA]&puid=65bbbff9c6174855a3d484c257899316
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Jul 2022 04:42:14 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
ImgSync
image8.pubmatic.com/AdServer/ 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D65bbbff9c6174855a3d484c257899316
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
content-length
0
sfaf25.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/sfaf25.gif?puid=65bbbff9c6174855a3d484c257899316
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
khaos.jpg
token.rubiconproject.com/ Frame 86C6 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
GS.d
js.cookieless-data.com/ Frame 7873 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1657860134142
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-115.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
pixelSync
pixel.sitescout.com/dmp/ Frame 72DD 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D1dd78631b92eb07e
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:13 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
prebid
rtb.openx.net/sync/ Frame 72DD 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D1dd78631b92eb07e%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:13 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
r676et1dkvetpu3a32jq5ntn98521h9r
ptag
a.audrte.com/ Frame 72DD 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.179.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-179-244.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
f32f2c6ae994c6281a3a6b532e38957c475a705737e72d4d5ca2542167f74241

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1681
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 72DD 		566 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:13 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 14 Jul 2027 04:42:13 GMT
um
u-ams02.e-planning.net/ Frame 72DD
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D1dd78631b92eb07e%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=1dd78631b92eb07e&uid=7012578570036581631
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=1dd78631b92eb07e&uid=7012578570036581631
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 04:42:14 GMT
X-Proxy-Origin
5.187.21.105; 5.187.21.105; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
facf602e-dc88-4836-b17d-a17c056e7893
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=1dd78631b92eb07e&uid=7012578570036581631
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 6557 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14719
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Fri, 15 Jul 2022 08:47:33 GMT
usync.html
eus.rubiconproject.com/ Frame 96B2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Jul 2022 04:42:14 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 15 Jul 2022 04:42:14 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 76A4 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D1dd78631b92eb07e%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=107480
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 04:42:14 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Jul 2022 10:33:34 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame CC20 		1 KB
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
136831
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Fri, 15 Jul 2022 04:42:14 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 18 May 2027 11:39:16 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
8ce2c3acab84a6fe2960cf8f2182fc90
x-cf-tsc
1653097189
x-cf1
29080:fA.lon1:co:1585621119:cacheN.lon1-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame BE5F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 9B82 		322 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2105b3117a3f1242e265395522632005ea6ee5200ea25cb3650300912832bea9

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
72afd48eb8b7885f-LHR
content-encoding
br
content-type
text/html
date
Fri, 15 Jul 2022 04:42:14 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/ Frame BF27 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31068380
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a6e24280fbfe8eb90a712cef7444e2ad6a52ffed6caab24b022cee3d3e9fb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122414
x-xss-protection
0
server
cafe
etag
11300107236537535451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 15 Jul 2022 04:42:14 GMT
ptrack
a.audrte.com/ Frame 6AA8 		368 B
881 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=5.187.21.105&p=M1353665098&artime=2022-07-15T04:42:14.211Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMS81NTQ1M2RlOTdhMTE4Y2U5P2N0PTEmcnVpbWQ9MSZkdT1odHRwcyUzQSUyRiUyRmludi1uZXRzLmFkbWl4ZXIubmV0JTJGYWR4Y20uYXNweCUzRnNzcCUzREQ1NkRDMDlELUMzOUMtNEJENi1CRDczLTAzQ0FCNERBOUM1MCUyNmlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=emRvcm92aWEuY29tLnVhLw==
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.179.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-179-244.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
b7e5ab084476a2d5ae085f716853c4bcf1957af34744401685a328c83dc86a4c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 6AA8 		155 B
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 14 Jul 2022 23:17:04 GMT
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
age
19511
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 15 Jun 2022 17:05:13 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
IxpzAnTBMVPHcsXNHa82cutwBNY1m3CKfEEM3ZjRU2GE3L0dFXSxvQ==
logcz.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/logcz.aspx?zone=211243eb-11ba-464c-a0c6-ba847f55b0ad
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Jul 2022 04:42:14 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=93ae9d99-966b-415b-9964-9dc2489da01f
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Jul 2022 04:42:14 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
zdorovia.com.ua_160x600_br1.html
file.adpartner.pro/2297/2297845/ Frame BA8D 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_15007199967767714&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3De042d1bb27a551c6dce6ae9c57cb1edd
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.423
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
8f4b262ea13458af3f7508f3c93ac3589bbc01793104d9bfc041de85fcef79f2

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Fri, 15 Jul 2022 04:42:14 GMT
etag
W/"62947f06-cf9"
last-modified
Mon, 30 May 2022 08:23:34 GMT
server
nginx
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB&am-uid=65bbbff9c6174855a3d484c257899316&cet=9&zone=CDADFE55-BA49-47D5-9918-CC04AA357B98&rule=F7CAC5CE-3E5F-4671-95C3-F259A87AC033&requestId=dfdc7eaa-0ca4-4ce0-9942-e983ae13d9aa&hp=1048539382&page=zdorovia.com.ua%2F&pvid=3aa302b9-e554-4552-a3cf-6f90b9d25d89&inst=ADS-EU-6&ts=637934569329633993&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB&am-uid=65bbbff9c6174855a3d484c257899316&zone=2D179F8A-367F-49ED-9A1F-D77DEB57F009&device=28&rule=AC37E472-A7BC-417C-9557-81E776BB6B82&requestId=06339267-8cce-44aa-a76f-46b49dd4096f&hp=1048539382&page=zdorovia.com.ua%2F&segments=7%2C2%2C497&ts=637934569329633993&ap=MA%3D%3D&asign=-1991954904&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&sync=88&bt=3&carr=Iomart+Cloud+Services+Limited&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=5D3CBAA6-D0E0-46E1-BCB3-F86C6C80C2F1&inst=ADS-EU-6&pxl=0&pvid=3aa302b9-e554-4552-a3cf-6f90b9d25d89&ip=5.187.21.105&item=58A999AB-FCB6-49A0-8F11-2519D7D53A56&crid=58A999AB-FCB6-49A0-8F11-2519D7D53A56&size=300x250&profile=01AC75C7-DAC0-4514-9393-6F973B39E04C&isopt=0&adv=N%2FA&dsp=Admixer+Display&dmp_pr=MA%3D%3D&dstUrl=https%3A%2F%2Fbattlefront.vogue.ua%2Fen&cet=9&sw=[e=screen.width]&sh=[e=screen.height]&sf=0&hold=1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame AD15 		219 B
462 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=zdorovia.com.ua&callback=_gfp_s_&client=ca-pub-4577254435597104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9aa61753ac09aded0f140b16f4ec5c0fab0fb86a1ff7c90957a97af2acd88967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
206
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame AD15 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Jul 2022 04:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame AD15 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Jul 2022 04:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2DA5 		430 B
226 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1657860134&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860133961&bpp=6&bdt=726&idt=335&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&correlator=5267616142148&frm=23&ife=5&pv=2&ga_vid=1598207648.1657860133&ga_sid=1657860133&ga_hid=1761840337&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531605&oid=2&pvsid=1315195224944008&tmod=1529975537&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.s463gzszmyav&fsb=1&dtd=358
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2433011b3f479c5c59bd3f6ea6ed6ba3ea78f8fe002bbdac271ba0078b0a4f81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
206
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Jul 2022 04:42:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame AD15 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220707&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76db83b9b50e9772924e717f90cc6eda60114965d67aeb13e567785425b1d553
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Jul 2022 04:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10956
x-xss-protection
0
khaos.jpg
token.rubiconproject.com/ Frame 6557 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=cdadfe55-ba49-47d5-9918-cc04aa357b98
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Jul 2022 04:42:14 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
if
a4p.adpartner.pro/tracker/ Frame 906C 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522e3459477-c829-457e-836f-f5a036560197%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25229a2e5c37-cd56-42e4-a9bc-b317af12bf6f%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A113%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25229a2e5c37-cd56-42e4-a9bc-b317af12bf6f%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Fri, 15 Jul 2022 04:42:14 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 531A 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522e3459477-c829-457e-836f-f5a036560197%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25229a2e5c37-cd56-42e4-a9bc-b317af12bf6f%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A113%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25229a2e5c37-cd56-42e4-a9bc-b317af12bf6f%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Fri, 15 Jul 2022 04:42:14 GMT
expires
0
pragma
no-cache
server
nginx
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=2d179f8a-367f-49ed-9a1f-d77deb57f009
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Jul 2022 04:42:14 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
logcz.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/logcz.aspx?zone=ed2476d6-dc6a-46b4-b1f9-1613392c7015
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Jul 2022 04:42:14 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
zdorovia.com.ua_970x250_ruslan1.html
file.adpartner.pro/2085/2085828/ Frame 424D 		668 B
585 B 		Document
General
Check archive.org
Download Go to
Full URL
https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F7a91046b-a724-44a2-b72d-b4f852ec0c31%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTM0LCJzaG93X2lkIjoiN2E5MTA0NmItYTcyNC00NGEyLWI3MmQtYjRmODUyZWMwYzMxIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Dae525da9afff2277faee3363e936034e&showId=7a91046b-a724-44a2-b72d-b4f852ec0c31&apuid=e3459477-c829-457e-836f-f5a036560197
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.423
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
4803ca05bf5d01dbd812e758881dc7cae6344da06c0fd9d19d42a341409a61e6

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Fri, 15 Jul 2022 04:42:14 GMT
etag
W/"62947e8b-29c"
last-modified
Mon, 30 May 2022 08:21:31 GMT
server
nginx
mw
mwzeom.zeotap.com/ Frame 9B82
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da45e4...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=ea52275d-a4a2-45a0-47f0-eb11d905a955&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=ea52275d-a4a2-45a0-47f0-eb11d905a955&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72afd490cbbf885f-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=ea52275d-a4a2-45a0-47f0-eb11d905a955&zdid=1361
date
Fri, 15 Jul 2022 04:42:14 GMT
cross-origin-resource-policy
cross-origin
content-length
0
data
bcp.crwdcntrl.net/6/ Frame 6AA8 		20 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.127.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:14 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.30.128
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
usync.js
eus.rubiconproject.com/ Frame 96B2 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14719
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Fri, 15 Jul 2022 08:47:33 GMT
/
ads.us.e-planning.net/uspd/1/ Frame 8C2E 		2 KB
967 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
1768beb7d8e10f67c29161075427c54f8125c87cfcc8538d7a8e206ec1487f4a

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Fri, 15 Jul 2022 04:42:14 GMT
expires
Fri, 15 Jul 2022 04:42:14 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-606
sync.html
s.console.adtarget.com.tr/ Frame 2318 		1 KB
1004 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.147.130 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
699
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Jul 2022 04:42:13 GMT
Server
Adtelligent
X-Robots-Tag
noindex
generic
match.adsrvr.org/track/cmf/ Frame 5B48
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1470705190
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1470705190
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:14 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:14 GMT
etag
RX5ee5cf7514e8454288f5eb67f82655f5003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1470705190
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
expires
0
csync
sync.adtelligent.com/ Frame 5B48
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=57b7ea1e-732f-4063-8f9a-7d6af9e4bed9
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=57b7ea1e-732f-4063-8f9a-7d6af9e4bed9
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
VertaMedia 1.0
Etag
294910862b220adf
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:13 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=57b7ea1e-732f-4063-8f9a-7d6af9e4bed9
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
34jiecmiio40gucqh0h37umdolt6vjla
csync
sync.adtelligent.com/ Frame 5B48
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7012578570036581631
0
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7012578570036581631
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
VertaMedia 1.0
Etag
294910862b220adf
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 04:42:14 GMT
X-Proxy-Origin
5.187.21.105; 5.187.21.105; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
af378e53-24cf-4444-a531-1c0b10e0f451
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7012578570036581631
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 5B48
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=e3459477-c829-457e-836f-f5a036560197
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=e3459477-c829-457e-836f-f5a036560197
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
VertaMedia 1.0
Etag
294910862b220adf
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=e3459477-c829-457e-836f-f5a036560197
date
Fri, 15 Jul 2022 04:42:14 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 68C3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=107480
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 04:42:14 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Jul 2022 10:33:34 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 7F31
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7012578570036581631
0
390 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7012578570036581631
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Fri, 15 Jul 2022 04:42:13 GMT
Etag
294910862b220adf
Server
VertaMedia 1.0

Redirect headers

AN-X-Request-Uuid
9efb785e-f987-4f24-b61e-92fe8ebe6b56
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Fri, 15 Jul 2022 04:42:14 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7012578570036581631
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
5.187.21.105; 5.187.21.105; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
/
onetag-sys.com/usync/ Frame 8069 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame 5B48
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=abd8075a-d4e9-404a-b090-b88c5d6258e1
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=abd8075a-d4e9-404a-b090-b88c5d6258e1
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
VertaMedia 1.0
Etag
294910862b220adf
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=abd8075a-d4e9-404a-b090-b88c5d6258e1
date
Fri, 15 Jul 2022 04:42:14 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
csync
sync.adtelligent.com/ Frame 5C8F
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=a833012d-a343-4544-baa6-a0b5bac250ee
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=a833012d-a343-4544-baa6-a0b5bac250ee
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Fri, 15 Jul 2022 04:42:13 GMT
Etag
294910862b220adf
Server
VertaMedia 1.0

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72afd490be12749d-LHR
content-length
0
date
Fri, 15 Jul 2022 04:42:14 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=a833012d-a343-4544-baa6-a0b5bac250ee
server
cloudflare
d
ic.tynt.com/r/ Frame F070 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Fri, 15 Jul 2022 04:42:14 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
sync.html
s.adtelligent.com/ Frame 8218 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.194 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
a3d9317a1b8c2aa2fb35ecb3abb1915d33bb75665a78cc9b9d04f41064600d93

Request headers

Referer
https://s.adtelligent.com/sync.html?aid=707176
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
781
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
Adtelligent
X-Robots-Tag
noindex
csync
sync.adtelligent.com/ Frame 5B48
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=65bbbff9c6174855a3d484c257899316
0
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=65bbbff9c6174855a3d484c257899316
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
VertaMedia 1.0
Etag
294910862b220adf
Content-Length
0

Redirect headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=65bbbff9c6174855a3d484c257899316
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
pixel
ap.lijit.com/ Frame 5B48 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Jul 2022 04:42:14 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
vid.vidoomy.com/ Frame 5B48 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
if
a4p.adpartner.pro/tracker/ Frame 616E 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522e3459477-c829-457e-836f-f5a036560197%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25227a91046b-a724-44a2-b72d-b4f852ec0c31%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A113%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25227a91046b-a724-44a2-b72d-b4f852ec0c31%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Fri, 15 Jul 2022 04:42:14 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 0C9B 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522e3459477-c829-457e-836f-f5a036560197%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25227a91046b-a724-44a2-b72d-b4f852ec0c31%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A113%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25227a91046b-a724-44a2-b72d-b4f852ec0c31%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Fri, 15 Jul 2022 04:42:14 GMT
expires
0
pragma
no-cache
server
nginx
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame BA8D 		117 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_15007199967767714&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3De042d1bb27a551c6dce6ae9c57cb1edd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67d7a82a322e3a332f92cdcec5040afab8f9ee7ab6f7442ffeff45475a4e8ba4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40005
x-xss-protection
0
server
cafe
etag
4091398442955489568
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 15 Jul 2022 04:42:14 GMT
p
a.audrte.com/ Frame 6AA8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3hdiz5CBTYuTpiawiWwRPGN1A&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3hdiz5CBTYuTpiawiWwRPGN1A&gdpr=0&gdpr_consent=&google_gid=CAESEJ-2ESymPjDdIr3RWEEEKrA&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
35.169.179.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-179-244.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 6AA8 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=3hdiz5CBTYuTpiawiWwRPGN1A&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame 6AA8
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8263187426641512786
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
35.169.179.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-179-244.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
media.min.js
a4p.adpartner.pro/apstc/ Frame CDCB 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.423
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
cache-control
no-store no-transform
last-modified
Tue, 15 Mar 2022 16:47:24 GMT
server
nginx
content-encoding
br
etag
W/"6230c31c-3ac0"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame A9C7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=3&session_id=441874ed-c09c-414b-9921-d5c96b8df727&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Fri, 15 Jul 2022 04:42:14 GMT
server
nginx
ls
a4p.adpartner.pro/media/ Frame 8C45 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=e3459477-c829-457e-836f-f5a036560197&session_pageview=3&session_id=441874ed-c09c-414b-9921-d5c96b8df727&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
b17abc48cfd1d589ccc9cd0f6b2994aefb51eb4894ebed1d3b10d89ccacb79fd

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 15 Jul 2022 04:42:14 GMT
server
nginx
sodar2.js
tpc.googlesyndication.com/sodar/ Frame AD15 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Jul 2022 04:42:14 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 6557 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif
cookie.js
partner.googleadservices.com/gampad/ Frame BF27 		219 B
227 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=zdorovia.com.ua&callback=_gfp_s_&client=ca-pub-4577254435597104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31068380
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9c7cf441bc6f44b8368e0f4c21e2707d49278859029f0e77240d294a75667827
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame BF27 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31068380
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Jul 2022 04:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame BF27 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31068380
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Jul 2022 04:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 656D 		430 B
226 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1657860134&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860134196&bpp=3&bdt=683&idt=341&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&correlator=5267616142148&frm=23&ife=5&pv=1&ga_vid=1598207648.1657860133&ga_sid=1657860133&ga_hid=189203386&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=905&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068380&oid=2&pvsid=1381346131763052&tmod=1695988899&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.ovc32558bph&fsb=1&dtd=397
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31068380
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37f0e8589907a886fc7991c2572ce2ca60afa60cad8b1d46495bf6aafc735e46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
206
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Jul 2022 04:42:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame BF27 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220707&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31068380
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b3e5509e3dde58324f9a444c392931e6778b1b90543ef76bc6030352316750e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Jul 2022 04:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10868
x-xss-protection
0
ev_view.aspx
ads.go2net.com.ua/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=GB&am-uid=65bbbff9c6174855a3d484c257899316&cet=9&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&rule=8031EB30-F8BC-4C42-B0CE-47540A4C2D9E&requestId=1cf0558d-9d9e-48c3-b7ac-9970cef9a1f0&hp=1048539382&page=zdorovia.com.ua%2F&pvid=b6950edf-ec11-4554-beb6-dd38841bf030&inst=ADS-EU-6&ts=637934569329813617&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 72DD 		47 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
074691f1175a4040f292124afbff0c87cd24290b7b9672577f33b7c7de205384

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 14 Jul 2022 12:57:02 GMT
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
last-modified
Wed, 15 Jun 2022 17:05:13 GMT
server
AmazonS3
age
56713
etag
"a31a707739fd82541fa40e577dbbfede"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
48227
x-amz-cf-id
_N25g6nfz8QfLi0LwTUSYazV1bcJuC23Q2LHLIa4SdqTreTBgStT-w==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 776F 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Fri, 15 Jul 2022 04:42:13 GMT
etag
W/"601b131c-27c"
expires
Wed, 14 Jul 2027 04:42:13 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
adxcm.aspx
inv-nets.admixer.net/ Frame B3EF 		43 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AEkNB%2f7HoCrYZdka
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 15 Jul 2022 04:42:14 GMT
Keep-Alive
timeout=25
P3p
CP="NID DSP ALL COR"
Server
nginx
X-Xss-Protection
0
csync
sync.console.adtarget.com.tr/ Frame 30FC
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=8263187426641512786
0
406 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=8263187426641512786
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Fri, 15 Jul 2022 04:42:14 GMT
Etag
8a0363325a3413a7
Server
VertaMedia 1.0

Redirect headers

content-length
0
content-type
text/plain
date
Fri, 15 Jul 2022 04:42:14 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=8263187426641512786
server
nginx
csync
sync.adtelligent.com/ Frame 28CB
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=b52363325a4413a7
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=b52363325a4413a7
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
VertaMedia 1.0
Etag
294910862b220adf
Content-Length
0

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=b52363325a4413a7
Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
VertaMedia 1.0
Etag
b52363325a4413a7
Content-Length
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 424D 		117 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F7a91046b-a724-44a2-b72d-b4f852ec0c31%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTM0LCJzaG93X2lkIjoiN2E5MTA0NmItYTcyNC00NGEyLWI3MmQtYjRmODUyZWMwYzMxIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Dae525da9afff2277faee3363e936034e&showId=7a91046b-a724-44a2-b72d-b4f852ec0c31&apuid=e3459477-c829-457e-836f-f5a036560197
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01b1514d33ffa7037e363e2ce1e04fbc1eb5ae07ed1871685142261070f28546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39983
x-xss-protection
0
server
cafe
etag
9805771149810840164
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 15 Jul 2022 04:42:14 GMT
ptrack
a.audrte.com/ Frame 8890 		368 B
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=5.187.21.105&p=M1353665098&artime=2022-07-15T04:42:14.640Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9kdT1odHRwcyUzQSUyRiUyRnN5bmMuYWR0ZWxsaWdlbnQuY29tJTJGY3N5bmMlM0Z0JTNEYSUyNmVwJTNEMzA3OTcxJTI2ZXh0dWlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.179.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-179-244.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
bf4fec7df3fa372e5e966e3c055ce74eedafd8259b2e4d72449150b389254304

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
263
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 8890 		155 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 14 Jul 2022 23:17:04 GMT
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
age
19511
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 15 Jun 2022 17:05:13 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
aKzfums6aDHUB-r5PqbDqCIpuM7G5wpNqn-1eqtOuXZhXqf1n9UGDw==
pixelSync
pixel.sitescout.com/dmp/ Frame 8C2E 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D1dd78631b92eb07e
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:14 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
prebid
rtb.openx.net/sync/ Frame 8C2E 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D1dd78631b92eb07e%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:14 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
uclhqh2dodsdhtq9c42m96cdapp35ivf
ptag
a.audrte.com/ Frame 8C2E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.179.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-179-244.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
f32f2c6ae994c6281a3a6b532e38957c475a705737e72d4d5ca2542167f74241

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1681
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 8C2E 		566 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 14 Jul 2027 04:42:14 GMT
um
u-ams02.e-planning.net/ Frame 8C2E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D1dd78631b92eb07e%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=1dd78631b92eb07e&uid=7012578570036581631
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=1dd78631b92eb07e&uid=7012578570036581631
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 04:42:14 GMT
X-Proxy-Origin
5.187.21.105; 5.187.21.105; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
70f62c0c-5724-4566-812e-0ca91015b643
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=1dd78631b92eb07e&uid=7012578570036581631
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame 96B2 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207120101/ Frame BA8D 		337 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31068419
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03aaeb0a1bb3515fd632616ae6cd3ed1dc0155e9860646cbf518e7547f887b58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121573
x-xss-protection
0
server
cafe
etag
12039946120000777808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 15 Jul 2022 04:42:14 GMT
usync.html
eus.rubiconproject.com/ Frame 416A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Jul 2022 04:42:14 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 15 Jul 2022 04:42:14 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3E73 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D1dd78631b92eb07e%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=107480
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 04:42:14 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Jul 2022 10:33:34 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame D4B4 		1 KB
1002 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
136831
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Fri, 15 Jul 2022 04:42:14 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 18 May 2027 11:39:16 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
64dfe53972b69c3763f1800c449622b2
x-cf-tsc
1653097189
x-cf1
29080:fA.lon1:co:1585621119:cacheN.lon1-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame E2EF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame B163 		322 B
680 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeb67fa059853b066262d0f25d8d93abadd93bbd890474414c3cf77a7554daba

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
72afd4924e20885f-LHR
content-encoding
br
content-type
text/html
date
Fri, 15 Jul 2022 04:42:14 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BF27 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31068380
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Jul 2022 04:42:14 GMT
usync.html
eus.rubiconproject.com/ Frame 659A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Jul 2022 04:42:14 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 15 Jul 2022 04:42:14 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184-d
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame A22D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CCC3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=107480
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 04:42:14 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Jul 2022 10:33:34 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 8218 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
VertaMedia 1.0
Etag
294910862b220adf
Content-Length
43
Content-Type
image/gif
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame BA8D 		117 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_15007199967767714&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3De042d1bb27a551c6dce6ae9c57cb1edd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e652f06b7fec9dd26e98b41e48c670bca0565eaf07413c6198857d5593949155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40001
x-xss-protection
0
server
cafe
etag
17237022086827970716
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 15 Jul 2022 04:42:14 GMT
media
a4p.adpartner.pro/ Frame 8C45 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?id=7434&session_id=441874ed-c09c-414b-9921-d5c96b8df727&session_pageview=3&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=e3459477-c829-457e-836f-f5a036560197&session_pageview=3&session_id=441874ed-c09c-414b-9921-d5c96b8df727&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
b70792bb33bc130c991a1376be7bbeab42e3f61119f7d5c3eb76b1a02029d63a

Request headers

Referer
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=e3459477-c829-457e-836f-f5a036560197&session_pageview=3&session_id=441874ed-c09c-414b-9921-d5c96b8df727&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
csync
sync.console.adtarget.com.tr/ Frame 43D0
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=8263187426641512786
0
406 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=8263187426641512786
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Fri, 15 Jul 2022 04:42:14 GMT
Etag
b52363325a4413a7
Server
VertaMedia 1.0

Redirect headers

content-length
0
content-type
text/plain
date
Fri, 15 Jul 2022 04:42:14 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=8263187426641512786
server
nginx
csync
sync.adtelligent.com/ Frame 2318
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=b52363325a4413a7
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=b52363325a4413a7
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
VertaMedia 1.0
Etag
294910862b220adf
Content-Length
0

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=b52363325a4413a7
Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
VertaMedia 1.0
Etag
b52363325a4413a7
Content-Length
0
data
bcp.crwdcntrl.net/6/ Frame 8890 		20 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.127.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:14 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.23.106
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
GS.d
js.cookieless-data.com/ Frame 776F 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1657860134786
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-115.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
p
a.audrte.com/ Frame 8890
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8263187426641512786
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
35.169.179.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-179-244.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:15 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 8890
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3hdiz5CBTYuTpiawiWwRPGN1A&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3hdiz5CBTYuTpiawiWwRPGN1A&gdpr=0&gdpr_consent=&google_gid=CAESEJ-2ESymPjDdIr3RWEEEKrA&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
35.169.179.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-179-244.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:15 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 8890 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=3hdiz5CBTYuTpiawiWwRPGN1A&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F30F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
29785
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Jul 2022 20:25:49 GMT
expires
Fri, 14 Jul 2023 20:25:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1FE4 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7f185850a63082bfd87106346504adf29129d702cb4e4895423fb13c0a4ec5e2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FT9k1-mPDnS8t3HOBUbtIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-FT9k1-mPDnS8t3HOBUbtIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 15 Jul 2022 04:42:14 GMT
expires
Fri, 15 Jul 2022 04:42:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/ Frame 424D 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31068380
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
776ecaf919fd0a84f66e632f224c9105c5f84c1ff505d1ac48ab712063db8bfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122414
x-xss-protection
0
server
cafe
etag
13718547470157664147
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 15 Jul 2022 04:42:14 GMT
mw
mwzeom.zeotap.com/ Frame B163
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da45e4...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=30c74f5a-e111-44b9-66fb-f497c773e315&zdid=1361
95 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=30c74f5a-e111-44b9-66fb-f497c773e315&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72afd493786e885f-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=30c74f5a-e111-44b9-66fb-f497c773e315&zdid=1361
date
Fri, 15 Jul 2022 04:42:14 GMT
cross-origin-resource-policy
cross-origin
content-length
0
usync.js
eus.rubiconproject.com/ Frame 416A 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14719
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Fri, 15 Jul 2022 08:47:33 GMT
ptrack
a.audrte.com/ Frame 72DD 		368 B
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=5.187.21.105&p=M1353665098&artime=2022-07-15T04:42:14.885Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMS81NTQ1M2RlOTdhMTE4Y2U5P3J1aW1kPTEmZHU9aHR0cHMlM0ElMkYlMkZpbnYtbmV0cy5hZG1peGVyLm5ldCUyRmFkeGNtLmFzcHglM0Zzc3AlM0RENTZEQzA5RC1DMzlDLTRCRDYtQkQ3My0wM0NBQjREQTlDNTAlMjZpZCUzRCUyNFVJRA==&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=emRvcm92aWEuY29tLnVhLw==
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.179.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-179-244.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
bf4fec7df3fa372e5e966e3c055ce74eedafd8259b2e4d72449150b389254304

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
263
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 72DD 		155 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 14 Jul 2022 23:17:04 GMT
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
age
19511
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 15 Jun 2022 17:05:13 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
W2eSma9tqrWEkXdEk28AsWQwF_mq0140ZLVJ2ZBiHe3m3w-5BpiT2w==
integrator.js
adservice.google.co.uk/adsid/ Frame BA8D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31068419
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Jul 2022 04:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame BA8D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31068419
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Jul 2022 04:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 34CB 		15 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112188&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_15007199967767714%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253De042d1bb27a551c6dce6ae9c57cb1edd&wgl=1&dt=1657860134716&bpp=14&bdt=307&idt=185&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&correlator=1989006315182&frm=22&ife=1&pv=2&ga_vid=312782414.1657860135&ga_sid=1657860135&ga_hid=1346745249&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=3162089807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068106%2C31068419%2C44768689&oid=2&pvsid=699737011385212&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.vzvnrzxcie2z&fsb=1&xpc=86z9VKqpSl&p=https%3A//file.adpartner.pro&dtd=203
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31068419
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d1d2b43646e9c1a1e891a14365f18636d2562b160e948e2bd8071f739f8b58d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
8200
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Jul 2022 04:42:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 659A 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:14 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14719
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Fri, 15 Jul 2022 08:47:33 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 8C2E 		47 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
074691f1175a4040f292124afbff0c87cd24290b7b9672577f33b7c7de205384

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 14 Jul 2022 12:57:02 GMT
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
last-modified
Wed, 15 Jun 2022 17:05:13 GMT
server
AmazonS3
age
56713
etag
"a31a707739fd82541fa40e577dbbfede"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
48227
x-amz-cf-id
GatenjeLqe0gakF2Lt2w5fAjXKrDHS3HALUg1dtx86BLZjxGmvxs9Q==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 5248 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Fri, 15 Jul 2022 04:42:14 GMT
etag
W/"601b131c-27c"
expires
Wed, 14 Jul 2027 04:42:14 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
csync
sync.adtelligent.com/ Frame A268 		0
387 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AEkNB%2f7HoCrYZdka
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Fri, 15 Jul 2022 04:42:14 GMT
Etag
294910862b220adf
Server
VertaMedia 1.0
ads
googleads.g.doubleclick.net/pagead/ Frame FF23 		15 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959009&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_15007199967767714%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253De042d1bb27a551c6dce6ae9c57cb1edd&wgl=1&dt=1657860134872&bpp=5&bdt=463&idt=71&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=1989006315182&frm=22&ife=1&pv=1&ga_vid=312782414.1657860135&ga_sid=1657860135&ga_hid=1346745249&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=3162089807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068106%2C31068419%2C44768689&oid=2&pvsid=699737011385212&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.g2dm9jf5w13r&fsb=1&xpc=J9GHSY6I77&p=https%3A//file.adpartner.pro&dtd=75
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31068419
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f8f891d36bb0286acc05effcc6208dcbdbfa25781343bc89dc4c5059a35a5dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
8206
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Jul 2022 04:42:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame 424D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31068380
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Jul 2022 04:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 424D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31068380
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Jul 2022 04:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3943 		58 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820319&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860134802&bpp=12&bdt=290&idt=164&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8765206329774&frm=8&ife=1&pv=2&ga_vid=1818282951.1657860135&ga_sid=1657860135&ga_hid=460659725&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3469347216&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067527%2C31068380%2C42531607%2C31064019&oid=2&pvsid=3234578668043569&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.5rtng8mh6f8r&fsb=1&dtd=180
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31068380
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
972a70d6d0753c1c3f97528bb2aa2b44af896bdf353aed8b33cccd940ef56509
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
24338
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Jul 2022 04:42:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
data
bcp.crwdcntrl.net/6/ Frame 72DD 		20 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.127.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:15 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.24.76
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
khaos.jpg
token.rubiconproject.com/ Frame 416A 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1180 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
29786
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Jul 2022 20:25:49 GMT
expires
Fri, 14 Jul 2023 20:25:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4CC7 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e85b584b39efc9c6ff80e1c261d8bcd1b022aac3a589b602811a7111bdf8e0c0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-THSmAUqBm6jj1e2aQMADdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-THSmAUqBm6jj1e2aQMADdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 15 Jul 2022 04:42:15 GMT
expires
Fri, 15 Jul 2022 04:42:15 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
zdorovia.com.ua_970x250_ruslan1.html
file.adpartner.pro/2085/2085828/ Frame 8EAC 		668 B
585 B 		Document
General
Check archive.org
Download Go to
Full URL
https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2Fe3a60e77-76e5-48b3-b93e-14fe5a62282e%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTM0LCJzaG93X2lkIjoiZTNhNjBlNzctNzZlNS00OGIzLWI5M2UtMTRmZTVhNjIyODJlIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Daa44086e06f152bbc08c713bafd9b4f4&showId=e3a60e77-76e5-48b3-b93e-14fe5a62282e&apuid=e3459477-c829-457e-836f-f5a036560197
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.423
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
4803ca05bf5d01dbd812e758881dc7cae6344da06c0fd9d19d42a341409a61e6

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Fri, 15 Jul 2022 04:42:15 GMT
etag
W/"62947e8b-29c"
last-modified
Mon, 30 May 2022 08:21:31 GMT
server
nginx
khaos.jpg
token.rubiconproject.com/ Frame 659A 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
if
a4p.adpartner.pro/tracker/ Frame BF9C 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522e3459477-c829-457e-836f-f5a036560197%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522e3a60e77-76e5-48b3-b93e-14fe5a62282e%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A113%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522e3a60e77-76e5-48b3-b93e-14fe5a62282e%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Fri, 15 Jul 2022 04:42:15 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 28C3 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522e3459477-c829-457e-836f-f5a036560197%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522e3a60e77-76e5-48b3-b93e-14fe5a62282e%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A113%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522e3a60e77-76e5-48b3-b93e-14fe5a62282e%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Fri, 15 Jul 2022 04:42:15 GMT
expires
0
pragma
no-cache
server
nginx
GS.d
js.cookieless-data.com/ Frame 5248 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1657860135054
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-115.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 04:42:15 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
p
a.audrte.com/ Frame 72DD
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8263187426641512786
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
35.169.179.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-179-244.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:15 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 15 Jul 2022 04:42:15 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 72DD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3hdiz5CBTYuTpiawiWwRPGN1A&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3hdiz5CBTYuTpiawiWwRPGN1A&gdpr=0&gdpr_consent=&google_gid=CAESEJ-2ESymPjDdIr3RWEEEKrA&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
35.169.179.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-179-244.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:15 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 15 Jul 2022 04:42:15 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 72DD 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=3hdiz5CBTYuTpiawiWwRPGN1A&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:15 GMT
Connection
close
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
sodar
pagead2.googlesyndication.com/pagead/ Frame 1FE4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220707&jk=1315195224944008&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
logcz.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/logcz.aspx?zone=ed2476d6-dc6a-46b4-b1f9-1613392c7015
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Jul 2022 04:42:15 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
pagead2.googlesyndication.com/bg/ Frame F30F 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 16:16:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
131160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Jul 2023 16:16:15 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 8EAC 		117 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2Fe3a60e77-76e5-48b3-b93e-14fe5a62282e%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTM0LCJzaG93X2lkIjoiZTNhNjBlNzctNzZlNS00OGIzLWI5M2UtMTRmZTVhNjIyODJlIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Daa44086e06f152bbc08c713bafd9b4f4&showId=e3a60e77-76e5-48b3-b93e-14fe5a62282e&apuid=e3459477-c829-457e-836f-f5a036560197
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b9bc4e3f6fb7579103ca8810697b0ebd49372c6dd616f3fee4a3027524156b48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40001
x-xss-protection
0
server
cafe
etag
13402215461569429981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 15 Jul 2022 04:42:15 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4CC7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220707&jk=1381346131763052&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
pagead2.googlesyndication.com/bg/ Frame 1180 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 16:16:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
131160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Jul 2023 16:16:15 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/ Frame 8EAC 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31068443
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83d766b83a1808e5516c2d064d53d52bd58d2bf6ea05e99e865e2d012c9cd59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122711
x-xss-protection
0
server
cafe
etag
3802737133876262236
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 15 Jul 2022 04:42:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 34CB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C_T70CEOcDcPWB4G9c2JRHDIus3wM0c6s-xit3i9gRnX6bVPF4BhhE6-3sF1uoTQr6Sr7W7ZWenQWufJlS98sZwgLj0wsOxQXfZiWOHzy6v_krxKA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112188&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_15007199967767714%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253De042d1bb27a551c6dce6ae9c57cb1edd&wgl=1&dt=1657860134716&bpp=14&bdt=307&idt=185&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&correlator=1989006315182&frm=22&ife=1&pv=2&ga_vid=312782414.1657860135&ga_sid=1657860135&ga_hid=1346745249&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=3162089807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068106%2C31068419%2C44768689&oid=2&pvsid=699737011385212&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.vzvnrzxcie2z&fsb=1&xpc=86z9VKqpSl&p=https%3A//file.adpartner.pro&dtd=203
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 34CB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112188&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_15007199967767714%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253De042d1bb27a551c6dce6ae9c57cb1edd&wgl=1&dt=1657860134716&bpp=14&bdt=307&idt=185&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&correlator=1989006315182&frm=22&ife=1&pv=2&ga_vid=312782414.1657860135&ga_sid=1657860135&ga_hid=1346745249&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=3162089807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068106%2C31068419%2C44768689&oid=2&pvsid=699737011385212&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.vzvnrzxcie2z&fsb=1&xpc=86z9VKqpSl&p=https%3A//file.adpartner.pro&dtd=203
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:06:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Jul 2022 04:06:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 34CB 		138 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112188&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_15007199967767714%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253De042d1bb27a551c6dce6ae9c57cb1edd&wgl=1&dt=1657860134716&bpp=14&bdt=307&idt=185&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&correlator=1989006315182&frm=22&ife=1&pv=2&ga_vid=312782414.1657860135&ga_sid=1657860135&ga_hid=1346745249&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=3162089807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068106%2C31068419%2C44768689&oid=2&pvsid=699737011385212&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.vzvnrzxcie2z&fsb=1&xpc=86z9VKqpSl&p=https%3A//file.adpartner.pro&dtd=203
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43266
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1657539323716025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Jul 2022 04:42:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 34CB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112188&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_15007199967767714%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253De042d1bb27a551c6dce6ae9c57cb1edd&wgl=1&dt=1657860134716&bpp=14&bdt=307&idt=185&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&correlator=1989006315182&frm=22&ife=1&pv=2&ga_vid=312782414.1657860135&ga_sid=1657860135&ga_hid=1346745249&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=3162089807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068106%2C31068419%2C44768689&oid=2&pvsid=699737011385212&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.vzvnrzxcie2z&fsb=1&xpc=86z9VKqpSl&p=https%3A//file.adpartner.pro&dtd=203
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:38:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Jul 2022 04:38:03 GMT
l
www.google.com/ads/measurement/ Frame 34CB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQzV0lFNzmn419P1XuDw6KzzNET66x2vAyAjmSPTqpFkoARdAwrZr7TYCAnVabLyHiGMUXHnmFr0nHuUxY9gEduLSqdYQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112188&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_15007199967767714%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253De042d1bb27a551c6dce6ae9c57cb1edd&wgl=1&dt=1657860134716&bpp=14&bdt=307&idt=185&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&correlator=1989006315182&frm=22&ife=1&pv=2&ga_vid=312782414.1657860135&ga_sid=1657860135&ga_hid=1346745249&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=3162089807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068106%2C31068419%2C44768689&oid=2&pvsid=699737011385212&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.vzvnrzxcie2z&fsb=1&xpc=86z9VKqpSl&p=https%3A//file.adpartner.pro&dtd=203
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame FF23 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A6HRqS1JiVRT8rM35xwQGIEJBV5pAJyG0bzPtXZ-rfqdIHw90pIwiJDhAeBLtrOA9BMXVNp-3HYemsu-1EI8jPduZqB7Es7RwKMjYw-BCN970rNB8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959009&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_15007199967767714%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253De042d1bb27a551c6dce6ae9c57cb1edd&wgl=1&dt=1657860134872&bpp=5&bdt=463&idt=71&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=1989006315182&frm=22&ife=1&pv=1&ga_vid=312782414.1657860135&ga_sid=1657860135&ga_hid=1346745249&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=3162089807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068106%2C31068419%2C44768689&oid=2&pvsid=699737011385212&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.g2dm9jf5w13r&fsb=1&xpc=J9GHSY6I77&p=https%3A//file.adpartner.pro&dtd=75
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame FF23 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959009&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_15007199967767714%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253De042d1bb27a551c6dce6ae9c57cb1edd&wgl=1&dt=1657860134872&bpp=5&bdt=463&idt=71&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=1989006315182&frm=22&ife=1&pv=1&ga_vid=312782414.1657860135&ga_sid=1657860135&ga_hid=1346745249&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=3162089807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068106%2C31068419%2C44768689&oid=2&pvsid=699737011385212&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.g2dm9jf5w13r&fsb=1&xpc=J9GHSY6I77&p=https%3A//file.adpartner.pro&dtd=75
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:06:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Jul 2022 04:06:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FF23 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959009&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_15007199967767714%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253De042d1bb27a551c6dce6ae9c57cb1edd&wgl=1&dt=1657860134872&bpp=5&bdt=463&idt=71&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=1989006315182&frm=22&ife=1&pv=1&ga_vid=312782414.1657860135&ga_sid=1657860135&ga_hid=1346745249&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=3162089807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068106%2C31068419%2C44768689&oid=2&pvsid=699737011385212&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.g2dm9jf5w13r&fsb=1&xpc=J9GHSY6I77&p=https%3A//file.adpartner.pro&dtd=75
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43266
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1657539323716025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Jul 2022 04:42:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame FF23 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959009&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_15007199967767714%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253De042d1bb27a551c6dce6ae9c57cb1edd&wgl=1&dt=1657860134872&bpp=5&bdt=463&idt=71&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=1989006315182&frm=22&ife=1&pv=1&ga_vid=312782414.1657860135&ga_sid=1657860135&ga_hid=1346745249&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=3162089807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068106%2C31068419%2C44768689&oid=2&pvsid=699737011385212&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.g2dm9jf5w13r&fsb=1&xpc=J9GHSY6I77&p=https%3A//file.adpartner.pro&dtd=75
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:38:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Jul 2022 04:38:03 GMT
l
www.google.com/ads/measurement/ Frame FF23 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSGLfhmhXxybiHQEGABiuxIyyC0Us83_MYoRxG6-JUKzgnNwLRFrmEOCHW9JZLwwbaRbVUDTyEKF0kz6LbChzDsXdqeMg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959009&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_15007199967767714%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253De042d1bb27a551c6dce6ae9c57cb1edd&wgl=1&dt=1657860134872&bpp=5&bdt=463&idt=71&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=1989006315182&frm=22&ife=1&pv=1&ga_vid=312782414.1657860135&ga_sid=1657860135&ga_hid=1346745249&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=3162089807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068106%2C31068419%2C44768689&oid=2&pvsid=699737011385212&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.g2dm9jf5w13r&fsb=1&xpc=J9GHSY6I77&p=https%3A//file.adpartner.pro&dtd=75
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3BCC 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe68vACEPGq8qgDGLuStcgBMAE&v=APEucNW6uYrtKrpl-FQ1wvov3mg0A1Lfgg0HIFi3obZtT6RfKv9kUe0Z-Iindi6MeI7E4ArKy-EZ3wcgx-zTNQ-m2Bn1zdN_fw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112188&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_15007199967767714%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253De042d1bb27a551c6dce6ae9c57cb1edd&wgl=1&dt=1657860134716&bpp=14&bdt=307&idt=185&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&correlator=1989006315182&frm=22&ife=1&pv=2&ga_vid=312782414.1657860135&ga_sid=1657860135&ga_hid=1346745249&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=3162089807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068106%2C31068419%2C44768689&oid=2&pvsid=699737011385212&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.vzvnrzxcie2z&fsb=1&xpc=86z9VKqpSl&p=https%3A//file.adpartner.pro&dtd=203
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112188&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_15007199967767714%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253De042d1bb27a551c6dce6ae9c57cb1edd&wgl=1&dt=1657860134716&bpp=14&bdt=307&idt=185&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&correlator=1989006315182&frm=22&ife=1&pv=2&ga_vid=312782414.1657860135&ga_sid=1657860135&ga_hid=1346745249&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=3162089807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068106%2C31068419%2C44768689&oid=2&pvsid=699737011385212&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.vzvnrzxcie2z&fsb=1&xpc=86z9VKqpSl&p=https%3A//file.adpartner.pro&dtd=203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Jul 2022 04:42:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 34CB 		60 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8ymRFZ388SIIJLUqtd9GddXaa2QTNny0U1f-Yfm-7kePR2dYN2LZ3mvZudwghsub5sW83XyiP1bX6kpkaaG6xaeMZ3_ueDr0BG-On7vkWKN4Wc_NFS3JkdUPsY05k5HKWyKOYextZMRmsU1YDftzFD-t3BA&cry=1&dbm_d=AKAmf-ArzBjdPoVyXog7CqFaDrp5AMtvUHus8x3zKDJqIFjHkYhdK2Q-IEoiEAktEIBphPLVYJ4WXNnuf5fR2YxNpQI-vuV62LrkYBEovc6ndC9cZDilHufgOXM9w9_zhcBzCNtem-EASBFG_WuI_bq34IEGyJ_JV6X2fZMuUkY87i5f3rAx7wLB96Tvex3Bw6-ufulUdtFzpyLfieaYCrOwcSu8Per8_B2gdqXFZLI_9n8gTV_Nmv8VD1lAKJNSCHXRrcKmthkcTkmLnxTf_A8tm9bzh3duf7lXWf5gu25G_jcrTdvunFhMhKX6b261hngPz5mDjxp1-nZ2lx8cshdlQHC9uD-QEnQ6htxkEMftmYJiHD4V00Gu-h6mNToZvuT9FrVTZlXiUrFctNeL4NBKNywL5Uz9S5DJLwk1wUoKS7SQikQiJahtEIt76QkNI3BeLFz3qzKgPkgmJea9Lj30vA4lQhVNU2yltBVRi4-0mC0u5mzh6L63oJpRFQebl4JG_A3qsjz5IsN2um8fl-7Y-Eti9tGEMi_26q8oRORAkoDCC_3xDrhDTDMoh3H0b7nDlAo_0KiQu4gCngI3_-r95J9C0Nl9EXqW7FuugmVdJWE-DqXWYNapRG1H4gEF3iiTb6kLnoDiBW01gElDMbTvz8u8dQfHbfKHQA_AZClHSeiWiH6UIB7g33qGcWnsFZfMePsvz3SVR30-jKmwQNm3qUSddEAT0wvjJbY2hdGt2XgmQKYfdg6knk7CFxO8QFr7tlSTzqdCx_Gp41Zlvaj_Rxu7DjZbvi_QdbaniuYzDw8iojNWvSxoM6Cpe8pNVA8RpyvWSvxtMvmfQ9DSDs3_20BfkdUBbiuqcc3eJZQnxVCxPKoD2Q_k77lTJ6NVG7xmI0kAcmwGHPIzv8z_6V1uhW0w17-Xwp_3UvThUL97jvwf3-_LSRt5VQ1TZ99gSEeLQyrV6N2LjDqRZAXaP8QtjNbazg0jNB25MzTVFTKG7yijVQolPdsXloRb2EdUmffusbqaDrwEU_v_5J3u3FzxdL3H4NhsuTHnYCodtmQ847AU-_Z_takLvmN2blDHNfaNWSW2Xxap4BU3l0Q4GUoP0cn-NDRzpHxGipjdNjg7Ed7Jf_cAUbw0y6FmeTwhkycVIzNCYFMXxcbwBZG92agw7ikzPHkftd61j7TTJiWWo3TQt6ryx4YDW3-Z5Fn-6XHvf2gu8JGYbbFA8xlK3BBP6_p7D5x882ekCIDGz_px_rB7rvSbhkQ8TTE5jFj5BYS9T8M1BHXGOQ0e3FKMizw3aL5ItGSNj7GuSbzhD97Ng3APOW3P5TmlUVbCilhRbxhzEiq67JK4Un2MA5HSlY2vefSFhfBV96U9T162b-v8tyYrC4_gPW8tFpMjKzKecLNlyu7dWqT9we01uwe94tritZxAhkEilP_vCqS0XuJF4nZv77bjMLpwz7o7gszkqrrVW4_Xko2k0brUffV8m3ISRB7phUFv9D-6HvCMdXwvv2nEkPR2cuJM904pijWWmyaIFsFbHfpQYIobR2R3zAaQfuqprSTQZd58CwZX6PmCFHbRppFC2nSQ9KWhGcQAgwaJ8QhQ5kZZNxmkF8qlMsiiVcFNoA04BYB1NLEMuEWQGo2Nqhl-O8qfEroA7gq3H0JyzaUltxNBg-UeZyAmO7G72dm95vYYdQPVJ-bk_RTEx7X21ZBwB8piwSqHrbUrHXXdanI6vJVd6gUBWWcnbM6NyjC7CFOyG6G-T03McYBS88LPDW-SLZ1xrZ608s1qkm-FYoBhbMDi14Jr7MBeWuQFpLED4ElnmXxcQv336p1XqE499cSL95DXOnGnE5exYuZDDOnSUfGeRID2kMTZBucUrMq_49xrRib96DFTd6SOgXim3C3yDzYu0huUgYyj3IxEcb2Vk4VW5rIiGNgTTQ-K4Fr9eI0SptkVnK4Km4S6wi_8R6HJ2qc5Fqi2NCNjkAO10mTl6JjShq0BKX4F5hwaTnI_ZpiuH0v_vTeuxqsmm_txzIOc3ctAy8CdDhIuBmqtGdhYZ5F0V7O73ICf3_HdlUkSMr2ie7OnjWGfg7ilNjzMPT5EVaO3fmxcZbOA6PQzrhabA5E8VF3jfclU_z-j3qCdZgr0P44mQd1SMDsw0MsVM1oGvbvJVa8Y7PVx29YDMXs6LAUgb_f748zP-wlDpLw9vZPYL2VKxRrYkFqqZODBch8iXmUgTc4kG7RdMD01TAJyBtfSVzq9OyToYldR1CR0epnwsL0ID6xWN7AKGLYk0uCeWr96X32A_ANdHwJZB4jclPkQH0QpDIezhaV4TcbTHtnwObQCKslDx0RhOka70Mj56tWFeUq0PC7DP8rGGTvg_-E4SyUenFJxwPSuwVgoTDSnniRzq6H1KjmTIzI-SAZSxXqAcOwIU4-G3Ld9EP1HkOoxtk8dRdDGEZHpCBke-Dm5PTXB8tPeWQfGmlhA8-lgXj4gFoDefMIrsFQ-yrvIkt-rWOKE4f4XfLuwrJkYPXGQQnhXOW03iejanlneV4lQ3pxq24JqxilDsVHoivSBxB5PIo3nbEqhEvhpQJaMncyfvGAisryOiPHRGWaS656-D5SsKAs1TYR09U2uHTvFzAfiQv8x-ewwm2sDKQT3JWMerv3YF5sfZ87IJVGrhElHcp0hOXgPCPDkW-ve2aNZLE9s0dcDQiAPETtexQcxLblMXwzTTRy8rFNhp6h3bc6hoKyyYSwrkSDLzfNZkRyiQ2zezijb2dL4jEOETiTnBsadtOOQUDh5l_HWLUPpB2bc5SpnKcUXGdiNeaQkAayXkoVh2OlvD8LE2IY4RxXz4th8m9ZdZ-qwbh5YA7DZV42pGwQTAFOJh2bQb7_8N9f17rphewje-FdzyckPtGa66-0LbYNg7MoMdyIWNH55v3_dvQjFm3Fg6fo_B4-vRQg-W5Re4qU0KcNqmIYy6Q9K6jcvWzUJPUo1rQcIk6DgS7z7jNQmejH7JfARBggXIxKiweppIzcm-l06VuVK8lSKP0WE5d6iYnipDoqmsFeTNpjukSKDdOIF1qTIjmvwgQ5Y037zx919YFrYoWV0m1FU27-p24P3OguxqukR6XuuN6q3W_M_qYOSdfSBS5PM7I126tpT1hijvdFwHmEBkIJvu41pDOvPZtEsaCziKadPapKmSFyDjvAw6T2cBY6scxHjtV7v_y9OoLksb2TFu1J1M-2tK-AvHxFzJJ0o2EsaJiDuiQtNmaGRAn8b76uMnk5b2V0GngjbnykxsU6hTMoXrBftXGtMJPgiH4MK945r-1r4X4EaT43AIDSHQqM79EBR8KGRGZsjqIbaocD_s_5ojWXDBPlRXfI5_mDPNHdC047NIoMxlIY_ss7GmeVb-3SLsvEb3V9h6kmiA_oa0C4n8lUUg2zJtJxESE0b3t6litRx_rQNnr_qYputvrPB0l4Sh435rGZO3diEGDlCrng4LgEwh19-d2XjTRNbIhmYgyWPBfW214fVOwM17voFmKVUPgtu7F0r2nyrshyTWbW549AfexedDzXQCnpGZ6j_vgki0-DPH7y_O2S-D_QbqqB8rMpp&cid=CAASEuRolboETAhBYMjjumn4YPCeKQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112188&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_15007199967767714%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253De042d1bb27a551c6dce6ae9c57cb1edd&wgl=1&dt=1657860134716&bpp=14&bdt=307&idt=185&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&correlator=1989006315182&frm=22&ife=1&pv=2&ga_vid=312782414.1657860135&ga_sid=1657860135&ga_hid=1346745249&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=3162089807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068106%2C31068419%2C44768689&oid=2&pvsid=699737011385212&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.vzvnrzxcie2z&fsb=1&xpc=86z9VKqpSl&p=https%3A//file.adpartner.pro&dtd=203
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf859ca07602dc19e53c64acc662a6683e412cdfa8dc0c16e93534aa1718be90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112188&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_15007199967767714%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253De042d1bb27a551c6dce6ae9c57cb1edd&wgl=1&dt=1657860134716&bpp=14&bdt=307&idt=185&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&correlator=1989006315182&frm=22&ife=1&pv=2&ga_vid=312782414.1657860135&ga_sid=1657860135&ga_hid=1346745249&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=3162089807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068106%2C31068419%2C44768689&oid=2&pvsid=699737011385212&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.vzvnrzxcie2z&fsb=1&xpc=86z9VKqpSl&p=https%3A//file.adpartner.pro&dtd=203
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30717
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame FBA4 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe68vACEPGq8qgDGLuStcgBMAE&v=APEucNU5tdBeHSQGUxas9UXkp8JfOjAm_MRXLFGSsx7wCQ06UiuJ_QfjfO0EeAcvewPKC0njGxHhPHWzH3knDx2qMKlaOKPxFA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959009&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_15007199967767714%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253De042d1bb27a551c6dce6ae9c57cb1edd&wgl=1&dt=1657860134872&bpp=5&bdt=463&idt=71&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=1989006315182&frm=22&ife=1&pv=1&ga_vid=312782414.1657860135&ga_sid=1657860135&ga_hid=1346745249&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=3162089807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068106%2C31068419%2C44768689&oid=2&pvsid=699737011385212&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.g2dm9jf5w13r&fsb=1&xpc=J9GHSY6I77&p=https%3A//file.adpartner.pro&dtd=75
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959009&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_15007199967767714%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253De042d1bb27a551c6dce6ae9c57cb1edd&wgl=1&dt=1657860134872&bpp=5&bdt=463&idt=71&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=1989006315182&frm=22&ife=1&pv=1&ga_vid=312782414.1657860135&ga_sid=1657860135&ga_hid=1346745249&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=3162089807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068106%2C31068419%2C44768689&oid=2&pvsid=699737011385212&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.g2dm9jf5w13r&fsb=1&xpc=J9GHSY6I77&p=https%3A//file.adpartner.pro&dtd=75
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Jul 2022 04:42:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame FF23 		60 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DXpZfkYllHBYNFhM7dowsvZMV0fLnlcau-LZdj885gx05sDy_HeIaEOPQ6fXnwBMZY_J6j485t9EHmD1c3UuickNbWQhsi4BN-s1U2nr539BLqhF3EydOhcRvGfvMBwxFcSBbdm76ZpNaLOlsB0HYCUWsI8Q&cry=1&dbm_d=AKAmf-ABb4CMDxfH0GvSoIXIM61fxCQd6a-vuTUuN9qKAvMGdSTOtAvJ0PW12P0s8VxDOStMF7S4lLxjvmQzQv7vkZ-fUR3-Tl48NeCsIYUXMhvsEn5JbAqenghCiQltO8-LA80XoN-r-BXBx4pVfOGltiX8RK-nfYkCVJThUJt9hotF9N1tEyRONNOXaMneTK2HjkJMVGOrwPjimnxEOqYx6MzzybHX8Nf6RRZzV8QhWABD2ZNr9J6yaRnm21aop769udPOUWTAcMAPEcDMUbktPnKkD5DJUj6nJJnsVvTVxVKZQ3wl5FtJePQklJ7dIXSEhq6zsRPxcJ6vS6JruP1sIvdK-OxKyJt9wmFk2XRvbFv3NXI3Nk3dEK41k69NzurBM18UGrdXpg4sqn80twiEDY9DEPWULkvycM1Nt3_NjNFZKcCkg0VC8W48gURR-34UqbXyxpnWLIqngW0wwozBnC8yrGfMWsCR-1fOTdqNskw87kQ0FyoT0Ez8agBQTdFbmFMYSTkBlUbkLNNgXgL4d-sKMCxQM2STQl1MrDRBVRpui4bNurjbGv_gQpkRWruMkPlkOe9RShu_wUGpT5VVknzYDrVM4MYUXiy4uGc7-YmJ6rsNkCAZGd1HKJbB55KB7UBKN29m69UqqBiA9kkOedh43BbvYmYoQBBaxpL5fg5rp6BzktX7Od1lJGUgYXuy4Ht_tvBQz8zq-TJCXDMWKoBrDlquuX7Fr1ik2ER0fkttdgsUQgsoU5J5r-HZ_Tq5mlGOZ6xFsEPtgIkMhax5elzy7Qua3NJYeB26llgiHl42Ja6PYy98p5wwgFFqdbThQBKhXc66te52vSNu7DhP35dqoVQSFfD0Eam7G0qRnvPSD3wAD4todX4QRNb-UO4hRP4e4mDVainf-Hsem2_WlqFknSQYAVxXS_hOiCwLHXneOzfnINaa6c2jaLLyIG7B2cZ3gjbDO6NYwcJOK9tnn6a1s20xCZvcZM9a2sI_QerHAjpq-SAZMJYXi4Tg5yHOILzgCSNOu1zE9TRQYtONsq10cj_WpKia2VnmMvnGP7se-i-VgcE8f3igaIDQGFf5cSFs3RPgqIL_rDpqExQGu5VeMPAIDMPnliYOFSK3QEQT0GZ4kTbyRjsHvNV6UK5X3CA512no5jGZ0-kAZ6JKE1ChCLanygGms9wNprpkGLY63hD7vP3Qlofprece8TLIRhHf3fAnebJw5vAKkGO8N9I1N7CaF7DRxgfWGiAYVDV7T17_vlqLe84eaeFtTfKXZPZCM-nDta_Ktr_FaDvhW6uA_ElG9vrjnAjwzZycX9HRnVNTaeiebLKzeuf52gibXRlwqEkupWoDtAFfoQHFtUsCyZkc9D_rui7mh6TaT9SQsIXi3TjTTWTqZONSuqnIN1dH9ceuifqmO0_Rl0a-TGp12AYvT6gf_uXGnX9dtVixSALKgwU7UpH_Nz7zsuoP0fnRJvUKwnWCAo9BAeO8Ul3h_btXdKYX-PFubhKPqZFVrvLk56SH_Zaawpir-Inj0_uT0UfRZhorYDtzqYaEZc55oVGycsca0zPZcifyRjuRGe6TeBorg2FBSer7s9ThlYD7pMtAKBmn3F4DoEfJJCkHdTcsSCpd-Bk5skohc-7OaiK5opyo06h85nUVwrAApoCWXcwL9KQwUxnj355stHQMwa00HJFSNXmoiLK7MCc0y8P61PN3HGQ_3U4u9bT08PSynCTSVkUTY-zMnubhEZRp8LTAcqci8Vkbr7R-wHt23OF_L-ggymlEjKNNoPbfNGmSGCN4HaXG6AVSnkKDV7Qd5fB8qc1OtlulvLqxizSzufvuddzuMzws7L-n4QB7hh3WEGo1Z2XotLgW9oUeCvlflIsLscPO-iwNFcSEPEjBSufGbf19UeQe-d7DTGezc4FIg4dxAwvJM1pzb7mGm6guK26EFBSk6QdHz05B28oPVJVeVgkqzIvb49Rjd5Psc_9zifKZ82zbntYOHgTEPbOSmSa3bRbg2ypShdw7tz-a3ae6G3I4CnqygpiCksCtUT3cPk31vxmbfN93i5LqFeXjy5p1m63dqRFIBNlpd5-jODVrccTr3bQy66Znbql9oT5lA59ZOIrovcnH24ing7NPpIFPPFFK0dLx_3WQ3tyEqON3bv11K4eK_nvo9m_7vN90EJHd10fu84pvJbhRsjTwTEChnB1JjDPbrdqOK5RLcCLi70-sovxSnrA3g1aSIdXEIAx81Mcm-2TBuCA7ANNg9iHYFKZ7B62W2vrQyDADPT4rPXwNzqJVHwwg_SpkojFqua-2l0OXtbsqwthVTRwM8S2zuJXEqc72Gu4bH718-IIERAzsHt9rbe7pzJ4Cwqie8y_tVUYrRmg5tdkmiiDct0zjCNDfg99X4ZEirWwgH12XVz8tqj1XH58WqFV2TVbln7jsEXQwAGIDfAiY3tX6flrk3AbtYcEi95Eq6cPjKTT6hu2LnCexZcf7kdcb4cb1XhryQCfxJdAUgXutz68LjzpB3UuXt037FSSfm30QxyKq6CHbJrkOveq4aqVFZXnx_UlsXQQBcXz03EZsz6OKI66y7quDfjmpNiY0Q8kczVJrkjDE40jTp_6EZ8yHeUCHTyadulcRsTWJqne6I_s2ol9Qcpa4KB0tzuNq88xyQ3vEqLx_24rV1NQIkxdvVbbMRSaXK9Tq2XPvWhcWw9ZX1Zyq1m0ArpARMeqPkdOUjbAdBsSCpnFmXrsrBN9t88GC40lQh8qBa_HRDmixdUp3Q1WMWf6d295SoSwsgKF1PVz59-63UteagjRsmuFLERKjZ2mMmQjRiuw1wUY7ckHrgQ2PLxXIcewiPDAbMCc6y2_1-3mmTbZPR8Dbj2PrkxjVyyd6Pxcyx3J_VAodLOF3VGbMR5lNrYSdE-wDNnUxBQiyeSqd1zM56RlKuJuUdinUrTdjIUoNoohkdIHmQmkCGYhvwawwu4P5LePRxjnSL39d6Wc8t35IbL65czSnEvu85MrHuJwCxftyoqEf1ulkaK6Qori0Ku6Hi8wlfGgHs-b9rzWX4WNMtkcW4t4xyo4AhcPnpyOJPs3ikQjxNgkQpY_nxX4sNXEQ4FfOJXVGEuqgmqV0nEETc1DPO38VqJYBB2ukONGX25S7GSZVbG9buSUS7s-2JS4Z6ZfSlgLs7U_y0U_IgAjtlwojNANkMlLRbsr0P6JRydY7Q6SQQ04KR8h-SMORYtQF8fSBkjbwzSsrs0blyRzJ9kFhUQpoBgSV6M1KKJjC_qE3ny4Vowqt99Nb60pzWLC6ykTkV7AYbT7olMxVnBO0yNPKkIwN9XIes3Pqw-xzW9ua0gjmft_jNjAAjUq5tMrx-a9u9XdSNVmCAyUXx0G7GNCgbvQHT2KF0TonyDhOzSUsePYqGQTU4h0IKrKMzeG72ewisEUTErsaHbumvTtMamMVNuIh60hf4pTY9IwkUez2BhHn2xP5blhNJtTvoZ1esY3fciWhRB-lB7wf7wiT1HiOtW-qckUsgvlMWKnVoMR1WUT6TqSqEnrsC0H69OeOwZqXvGtpJ0sQDJuh3_nknWzWV95whlg6OSvG&cid=CAASEuRo3NhDHifqncH0I9I5WJsUng&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959009&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_15007199967767714%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253De042d1bb27a551c6dce6ae9c57cb1edd&wgl=1&dt=1657860134872&bpp=5&bdt=463&idt=71&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=1989006315182&frm=22&ife=1&pv=1&ga_vid=312782414.1657860135&ga_sid=1657860135&ga_hid=1346745249&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=3162089807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068106%2C31068419%2C44768689&oid=2&pvsid=699737011385212&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.g2dm9jf5w13r&fsb=1&xpc=J9GHSY6I77&p=https%3A//file.adpartner.pro&dtd=75
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36379329b7142ab0e3a09116bd4b40f12307b589838697f98b10e8354e995f21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959009&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_15007199967767714%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253De042d1bb27a551c6dce6ae9c57cb1edd&wgl=1&dt=1657860134872&bpp=5&bdt=463&idt=71&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=1989006315182&frm=22&ife=1&pv=1&ga_vid=312782414.1657860135&ga_sid=1657860135&ga_hid=1346745249&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=3162089807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068106%2C31068419%2C44768689&oid=2&pvsid=699737011385212&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.g2dm9jf5w13r&fsb=1&xpc=J9GHSY6I77&p=https%3A//file.adpartner.pro&dtd=75
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30600
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame F30F 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?HVDyNg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
integrator.js
adservice.google.co.uk/adsid/ Frame 8EAC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31068443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Jul 2022 04:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8EAC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31068443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Jul 2022 04:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2683 		82 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820292&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860135184&bpp=14&bdt=96&idt=144&shv=r20220707&mjsv=m202207130101&ptt=5&saldr=sa&correlator=3746731210798&frm=8&ife=1&pv=2&ga_vid=1359018420.1657860135&ga_sid=1657860135&ga_hid=439614182&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=720568846&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31068443%2C42531608%2C21065725%2C31064019&oid=2&pvsid=757850537271338&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.7r0ob7jyppug&fsb=1&dtd=160
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31068443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4c94bfc77d541d14b3115d72ce6c584fdad7a227f790194324bd85b8a5950ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
28135
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Jul 2022 04:42:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 1180 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?spDpLw
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame 34CB 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8ymRFZ388SIIJLUqtd9GddXaa2QTNny0U1f-Yfm-7kePR2dYN2LZ3mvZudwghsub5sW83XyiP1bX6kpkaaG6xaeMZ3_ueDr0BG-On7vkWKN4Wc_NFS3JkdUPsY05k5HKWyKOYextZMRmsU1YDftzFD-t3BA&cry=1&dbm_d=AKAmf-ArzBjdPoVyXog7CqFaDrp5AMtvUHus8x3zKDJqIFjHkYhdK2Q-IEoiEAktEIBphPLVYJ4WXNnuf5fR2YxNpQI-vuV62LrkYBEovc6ndC9cZDilHufgOXM9w9_zhcBzCNtem-EASBFG_WuI_bq34IEGyJ_JV6X2fZMuUkY87i5f3rAx7wLB96Tvex3Bw6-ufulUdtFzpyLfieaYCrOwcSu8Per8_B2gdqXFZLI_9n8gTV_Nmv8VD1lAKJNSCHXRrcKmthkcTkmLnxTf_A8tm9bzh3duf7lXWf5gu25G_jcrTdvunFhMhKX6b261hngPz5mDjxp1-nZ2lx8cshdlQHC9uD-QEnQ6htxkEMftmYJiHD4V00Gu-h6mNToZvuT9FrVTZlXiUrFctNeL4NBKNywL5Uz9S5DJLwk1wUoKS7SQikQiJahtEIt76QkNI3BeLFz3qzKgPkgmJea9Lj30vA4lQhVNU2yltBVRi4-0mC0u5mzh6L63oJpRFQebl4JG_A3qsjz5IsN2um8fl-7Y-Eti9tGEMi_26q8oRORAkoDCC_3xDrhDTDMoh3H0b7nDlAo_0KiQu4gCngI3_-r95J9C0Nl9EXqW7FuugmVdJWE-DqXWYNapRG1H4gEF3iiTb6kLnoDiBW01gElDMbTvz8u8dQfHbfKHQA_AZClHSeiWiH6UIB7g33qGcWnsFZfMePsvz3SVR30-jKmwQNm3qUSddEAT0wvjJbY2hdGt2XgmQKYfdg6knk7CFxO8QFr7tlSTzqdCx_Gp41Zlvaj_Rxu7DjZbvi_QdbaniuYzDw8iojNWvSxoM6Cpe8pNVA8RpyvWSvxtMvmfQ9DSDs3_20BfkdUBbiuqcc3eJZQnxVCxPKoD2Q_k77lTJ6NVG7xmI0kAcmwGHPIzv8z_6V1uhW0w17-Xwp_3UvThUL97jvwf3-_LSRt5VQ1TZ99gSEeLQyrV6N2LjDqRZAXaP8QtjNbazg0jNB25MzTVFTKG7yijVQolPdsXloRb2EdUmffusbqaDrwEU_v_5J3u3FzxdL3H4NhsuTHnYCodtmQ847AU-_Z_takLvmN2blDHNfaNWSW2Xxap4BU3l0Q4GUoP0cn-NDRzpHxGipjdNjg7Ed7Jf_cAUbw0y6FmeTwhkycVIzNCYFMXxcbwBZG92agw7ikzPHkftd61j7TTJiWWo3TQt6ryx4YDW3-Z5Fn-6XHvf2gu8JGYbbFA8xlK3BBP6_p7D5x882ekCIDGz_px_rB7rvSbhkQ8TTE5jFj5BYS9T8M1BHXGOQ0e3FKMizw3aL5ItGSNj7GuSbzhD97Ng3APOW3P5TmlUVbCilhRbxhzEiq67JK4Un2MA5HSlY2vefSFhfBV96U9T162b-v8tyYrC4_gPW8tFpMjKzKecLNlyu7dWqT9we01uwe94tritZxAhkEilP_vCqS0XuJF4nZv77bjMLpwz7o7gszkqrrVW4_Xko2k0brUffV8m3ISRB7phUFv9D-6HvCMdXwvv2nEkPR2cuJM904pijWWmyaIFsFbHfpQYIobR2R3zAaQfuqprSTQZd58CwZX6PmCFHbRppFC2nSQ9KWhGcQAgwaJ8QhQ5kZZNxmkF8qlMsiiVcFNoA04BYB1NLEMuEWQGo2Nqhl-O8qfEroA7gq3H0JyzaUltxNBg-UeZyAmO7G72dm95vYYdQPVJ-bk_RTEx7X21ZBwB8piwSqHrbUrHXXdanI6vJVd6gUBWWcnbM6NyjC7CFOyG6G-T03McYBS88LPDW-SLZ1xrZ608s1qkm-FYoBhbMDi14Jr7MBeWuQFpLED4ElnmXxcQv336p1XqE499cSL95DXOnGnE5exYuZDDOnSUfGeRID2kMTZBucUrMq_49xrRib96DFTd6SOgXim3C3yDzYu0huUgYyj3IxEcb2Vk4VW5rIiGNgTTQ-K4Fr9eI0SptkVnK4Km4S6wi_8R6HJ2qc5Fqi2NCNjkAO10mTl6JjShq0BKX4F5hwaTnI_ZpiuH0v_vTeuxqsmm_txzIOc3ctAy8CdDhIuBmqtGdhYZ5F0V7O73ICf3_HdlUkSMr2ie7OnjWGfg7ilNjzMPT5EVaO3fmxcZbOA6PQzrhabA5E8VF3jfclU_z-j3qCdZgr0P44mQd1SMDsw0MsVM1oGvbvJVa8Y7PVx29YDMXs6LAUgb_f748zP-wlDpLw9vZPYL2VKxRrYkFqqZODBch8iXmUgTc4kG7RdMD01TAJyBtfSVzq9OyToYldR1CR0epnwsL0ID6xWN7AKGLYk0uCeWr96X32A_ANdHwJZB4jclPkQH0QpDIezhaV4TcbTHtnwObQCKslDx0RhOka70Mj56tWFeUq0PC7DP8rGGTvg_-E4SyUenFJxwPSuwVgoTDSnniRzq6H1KjmTIzI-SAZSxXqAcOwIU4-G3Ld9EP1HkOoxtk8dRdDGEZHpCBke-Dm5PTXB8tPeWQfGmlhA8-lgXj4gFoDefMIrsFQ-yrvIkt-rWOKE4f4XfLuwrJkYPXGQQnhXOW03iejanlneV4lQ3pxq24JqxilDsVHoivSBxB5PIo3nbEqhEvhpQJaMncyfvGAisryOiPHRGWaS656-D5SsKAs1TYR09U2uHTvFzAfiQv8x-ewwm2sDKQT3JWMerv3YF5sfZ87IJVGrhElHcp0hOXgPCPDkW-ve2aNZLE9s0dcDQiAPETtexQcxLblMXwzTTRy8rFNhp6h3bc6hoKyyYSwrkSDLzfNZkRyiQ2zezijb2dL4jEOETiTnBsadtOOQUDh5l_HWLUPpB2bc5SpnKcUXGdiNeaQkAayXkoVh2OlvD8LE2IY4RxXz4th8m9ZdZ-qwbh5YA7DZV42pGwQTAFOJh2bQb7_8N9f17rphewje-FdzyckPtGa66-0LbYNg7MoMdyIWNH55v3_dvQjFm3Fg6fo_B4-vRQg-W5Re4qU0KcNqmIYy6Q9K6jcvWzUJPUo1rQcIk6DgS7z7jNQmejH7JfARBggXIxKiweppIzcm-l06VuVK8lSKP0WE5d6iYnipDoqmsFeTNpjukSKDdOIF1qTIjmvwgQ5Y037zx919YFrYoWV0m1FU27-p24P3OguxqukR6XuuN6q3W_M_qYOSdfSBS5PM7I126tpT1hijvdFwHmEBkIJvu41pDOvPZtEsaCziKadPapKmSFyDjvAw6T2cBY6scxHjtV7v_y9OoLksb2TFu1J1M-2tK-AvHxFzJJ0o2EsaJiDuiQtNmaGRAn8b76uMnk5b2V0GngjbnykxsU6hTMoXrBftXGtMJPgiH4MK945r-1r4X4EaT43AIDSHQqM79EBR8KGRGZsjqIbaocD_s_5ojWXDBPlRXfI5_mDPNHdC047NIoMxlIY_ss7GmeVb-3SLsvEb3V9h6kmiA_oa0C4n8lUUg2zJtJxESE0b3t6litRx_rQNnr_qYputvrPB0l4Sh435rGZO3diEGDlCrng4LgEwh19-d2XjTRNbIhmYgyWPBfW214fVOwM17voFmKVUPgtu7F0r2nyrshyTWbW549AfexedDzXQCnpGZ6j_vgki0-DPH7y_O2S-D_QbqqB8rMpp&cid=CAASEuRolboETAhBYMjjumn4YPCeKQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:41:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10545
x-xss-protection
0
server
cafe
etag
4672069523611413616
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Jul 2022 04:41:25 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/elements/html/ Frame 34CB 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8ymRFZ388SIIJLUqtd9GddXaa2QTNny0U1f-Yfm-7kePR2dYN2LZ3mvZudwghsub5sW83XyiP1bX6kpkaaG6xaeMZ3_ueDr0BG-On7vkWKN4Wc_NFS3JkdUPsY05k5HKWyKOYextZMRmsU1YDftzFD-t3BA&cry=1&dbm_d=AKAmf-ArzBjdPoVyXog7CqFaDrp5AMtvUHus8x3zKDJqIFjHkYhdK2Q-IEoiEAktEIBphPLVYJ4WXNnuf5fR2YxNpQI-vuV62LrkYBEovc6ndC9cZDilHufgOXM9w9_zhcBzCNtem-EASBFG_WuI_bq34IEGyJ_JV6X2fZMuUkY87i5f3rAx7wLB96Tvex3Bw6-ufulUdtFzpyLfieaYCrOwcSu8Per8_B2gdqXFZLI_9n8gTV_Nmv8VD1lAKJNSCHXRrcKmthkcTkmLnxTf_A8tm9bzh3duf7lXWf5gu25G_jcrTdvunFhMhKX6b261hngPz5mDjxp1-nZ2lx8cshdlQHC9uD-QEnQ6htxkEMftmYJiHD4V00Gu-h6mNToZvuT9FrVTZlXiUrFctNeL4NBKNywL5Uz9S5DJLwk1wUoKS7SQikQiJahtEIt76QkNI3BeLFz3qzKgPkgmJea9Lj30vA4lQhVNU2yltBVRi4-0mC0u5mzh6L63oJpRFQebl4JG_A3qsjz5IsN2um8fl-7Y-Eti9tGEMi_26q8oRORAkoDCC_3xDrhDTDMoh3H0b7nDlAo_0KiQu4gCngI3_-r95J9C0Nl9EXqW7FuugmVdJWE-DqXWYNapRG1H4gEF3iiTb6kLnoDiBW01gElDMbTvz8u8dQfHbfKHQA_AZClHSeiWiH6UIB7g33qGcWnsFZfMePsvz3SVR30-jKmwQNm3qUSddEAT0wvjJbY2hdGt2XgmQKYfdg6knk7CFxO8QFr7tlSTzqdCx_Gp41Zlvaj_Rxu7DjZbvi_QdbaniuYzDw8iojNWvSxoM6Cpe8pNVA8RpyvWSvxtMvmfQ9DSDs3_20BfkdUBbiuqcc3eJZQnxVCxPKoD2Q_k77lTJ6NVG7xmI0kAcmwGHPIzv8z_6V1uhW0w17-Xwp_3UvThUL97jvwf3-_LSRt5VQ1TZ99gSEeLQyrV6N2LjDqRZAXaP8QtjNbazg0jNB25MzTVFTKG7yijVQolPdsXloRb2EdUmffusbqaDrwEU_v_5J3u3FzxdL3H4NhsuTHnYCodtmQ847AU-_Z_takLvmN2blDHNfaNWSW2Xxap4BU3l0Q4GUoP0cn-NDRzpHxGipjdNjg7Ed7Jf_cAUbw0y6FmeTwhkycVIzNCYFMXxcbwBZG92agw7ikzPHkftd61j7TTJiWWo3TQt6ryx4YDW3-Z5Fn-6XHvf2gu8JGYbbFA8xlK3BBP6_p7D5x882ekCIDGz_px_rB7rvSbhkQ8TTE5jFj5BYS9T8M1BHXGOQ0e3FKMizw3aL5ItGSNj7GuSbzhD97Ng3APOW3P5TmlUVbCilhRbxhzEiq67JK4Un2MA5HSlY2vefSFhfBV96U9T162b-v8tyYrC4_gPW8tFpMjKzKecLNlyu7dWqT9we01uwe94tritZxAhkEilP_vCqS0XuJF4nZv77bjMLpwz7o7gszkqrrVW4_Xko2k0brUffV8m3ISRB7phUFv9D-6HvCMdXwvv2nEkPR2cuJM904pijWWmyaIFsFbHfpQYIobR2R3zAaQfuqprSTQZd58CwZX6PmCFHbRppFC2nSQ9KWhGcQAgwaJ8QhQ5kZZNxmkF8qlMsiiVcFNoA04BYB1NLEMuEWQGo2Nqhl-O8qfEroA7gq3H0JyzaUltxNBg-UeZyAmO7G72dm95vYYdQPVJ-bk_RTEx7X21ZBwB8piwSqHrbUrHXXdanI6vJVd6gUBWWcnbM6NyjC7CFOyG6G-T03McYBS88LPDW-SLZ1xrZ608s1qkm-FYoBhbMDi14Jr7MBeWuQFpLED4ElnmXxcQv336p1XqE499cSL95DXOnGnE5exYuZDDOnSUfGeRID2kMTZBucUrMq_49xrRib96DFTd6SOgXim3C3yDzYu0huUgYyj3IxEcb2Vk4VW5rIiGNgTTQ-K4Fr9eI0SptkVnK4Km4S6wi_8R6HJ2qc5Fqi2NCNjkAO10mTl6JjShq0BKX4F5hwaTnI_ZpiuH0v_vTeuxqsmm_txzIOc3ctAy8CdDhIuBmqtGdhYZ5F0V7O73ICf3_HdlUkSMr2ie7OnjWGfg7ilNjzMPT5EVaO3fmxcZbOA6PQzrhabA5E8VF3jfclU_z-j3qCdZgr0P44mQd1SMDsw0MsVM1oGvbvJVa8Y7PVx29YDMXs6LAUgb_f748zP-wlDpLw9vZPYL2VKxRrYkFqqZODBch8iXmUgTc4kG7RdMD01TAJyBtfSVzq9OyToYldR1CR0epnwsL0ID6xWN7AKGLYk0uCeWr96X32A_ANdHwJZB4jclPkQH0QpDIezhaV4TcbTHtnwObQCKslDx0RhOka70Mj56tWFeUq0PC7DP8rGGTvg_-E4SyUenFJxwPSuwVgoTDSnniRzq6H1KjmTIzI-SAZSxXqAcOwIU4-G3Ld9EP1HkOoxtk8dRdDGEZHpCBke-Dm5PTXB8tPeWQfGmlhA8-lgXj4gFoDefMIrsFQ-yrvIkt-rWOKE4f4XfLuwrJkYPXGQQnhXOW03iejanlneV4lQ3pxq24JqxilDsVHoivSBxB5PIo3nbEqhEvhpQJaMncyfvGAisryOiPHRGWaS656-D5SsKAs1TYR09U2uHTvFzAfiQv8x-ewwm2sDKQT3JWMerv3YF5sfZ87IJVGrhElHcp0hOXgPCPDkW-ve2aNZLE9s0dcDQiAPETtexQcxLblMXwzTTRy8rFNhp6h3bc6hoKyyYSwrkSDLzfNZkRyiQ2zezijb2dL4jEOETiTnBsadtOOQUDh5l_HWLUPpB2bc5SpnKcUXGdiNeaQkAayXkoVh2OlvD8LE2IY4RxXz4th8m9ZdZ-qwbh5YA7DZV42pGwQTAFOJh2bQb7_8N9f17rphewje-FdzyckPtGa66-0LbYNg7MoMdyIWNH55v3_dvQjFm3Fg6fo_B4-vRQg-W5Re4qU0KcNqmIYy6Q9K6jcvWzUJPUo1rQcIk6DgS7z7jNQmejH7JfARBggXIxKiweppIzcm-l06VuVK8lSKP0WE5d6iYnipDoqmsFeTNpjukSKDdOIF1qTIjmvwgQ5Y037zx919YFrYoWV0m1FU27-p24P3OguxqukR6XuuN6q3W_M_qYOSdfSBS5PM7I126tpT1hijvdFwHmEBkIJvu41pDOvPZtEsaCziKadPapKmSFyDjvAw6T2cBY6scxHjtV7v_y9OoLksb2TFu1J1M-2tK-AvHxFzJJ0o2EsaJiDuiQtNmaGRAn8b76uMnk5b2V0GngjbnykxsU6hTMoXrBftXGtMJPgiH4MK945r-1r4X4EaT43AIDSHQqM79EBR8KGRGZsjqIbaocD_s_5ojWXDBPlRXfI5_mDPNHdC047NIoMxlIY_ss7GmeVb-3SLsvEb3V9h6kmiA_oa0C4n8lUUg2zJtJxESE0b3t6litRx_rQNnr_qYputvrPB0l4Sh435rGZO3diEGDlCrng4LgEwh19-d2XjTRNbIhmYgyWPBfW214fVOwM17voFmKVUPgtu7F0r2nyrshyTWbW549AfexedDzXQCnpGZ6j_vgki0-DPH7y_O2S-D_QbqqB8rMpp&cid=CAASEuRolboETAhBYMjjumn4YPCeKQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:34:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
468
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Jul 2022 04:34:27 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 34CB 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssYi9qulQxbnF_RcB9UoXOkArkIXk1h2rhW8biBdFZsFXalQShP919RrOk3t7IAMESyfUkUIj_Xpn9TAgRzPh6pO8k2hsI1oylfGAw30UzzaqSFrGdrIFKlPMtSpCPuAc_3Szi1-bJTr8za8aGUURDCDzbevdccz-gq_z2PpSa9jTyVoLA0pOJfDPcJmC9paKJHwTMCa3i_bnTDP2zRvHFfepH17Rsw-WUkX6ge3uE99Bx8lSSwRVQGQfKRrt_tNZhVY_BVIghMTOiii0ib1h1Gx0QF1j3afwfGm2QwkDzE3pvEQOm2MIAy9PaxFWYJy7GTeen4YAWJc8xHni9Qhp6nFp2lMobLWO5cFYvQ9Uwb31G-AzzB09I32KPmhLN50NQqnX4nMXm2D13nY24yjtwYWOZDyAGf7J9ErKjQ2NDp6ieu3S1nOPCLEuzeW8jkkX8Dw2h7b2aeL7B1gGUnxoIrcc4lWLYvW67AozH-eH3hRLYnD2AWDNajNfuzL8rMcw5SoEi4rDdEewoj0xx3WFxDs3f2-v1GOWIAFaf61I9F6Afo7ILeZb7HHZ7GpcjNGrsL4kIXiWovuoL5Hyi6yzlusAkA_BbrGLF0gdI_bhzta6VDVZsBzULzQ5w1Ite9fTFrNsw04he3t03XvY4vEmwb0rGuf735b6mDQ7c1IlvThs2mhHj0oGVY9bhHNhF12b__G8c7XFrgMEQd_SbqSLXlHleIWNQTvvO1b82QhUYaR3LHp3GrvUOiFl886coVP2-XHTSKXS2_Zb6dPzjVfxw7XXC8VHJYRIpe6Lit4qheGTTCRiKDOlhpNsM9KUpX3Jp1Je9Rq7LlnJldLiMtnzcEbVC-oMdwGvAbogyoi-Ue-Dvx8bn-seiUAKQcmgkTJG_w4tmXYlA8gCui7eNxayz0_fGKYHVXQdIzosNGdMPlVno6UxqucwS4ZVbG9xNqW4d89BqCvtsbKBCE2ZMAs0m6c9rKCcfZA71YEiy5wepOE6x05MAMqGTzh1z1DIXH-j2h3tAkZtVDrDnnT2Ix0yUhF0DIlywS8ThlmdPlsTXBbzlpcHkSPNpWbKgVLNNs5Y8HyGikfuT8OVF3aGU3mWUZ_CNO4cZfcHl4ugVeznEUtiBT_vHDC_GJVp2_0x_XDpLfQNO9N1pi-yelkUUUjhgjgdQXFFo6z-Zvyw0FDYRhFKHXDESTjrgybiTVflqCLA&sai=AMfl-YSPqxM40qqO_0f8QrXr-5tBkn9R8W3Hmu0v7bVHdLLuT9wffTJKhsMC8kE-FwQylr4IRwGwPWm4_MhZILf_9ljl4NZpTd-OgLSGpP0K1RBqAwSE6_UkMylk-zeoD2ToEs0CbsmMsS-XTBd35NxZGKNWiKeVyw&sig=Cg0ArKJSzGYNugKmrK7lEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220707.19765&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8ymRFZ388SIIJLUqtd9GddXaa2QTNny0U1f-Yfm-7kePR2dYN2LZ3mvZudwghsub5sW83XyiP1bX6kpkaaG6xaeMZ3_ueDr0BG-On7vkWKN4Wc_NFS3JkdUPsY05k5HKWyKOYextZMRmsU1YDftzFD-t3BA&cry=1&dbm_d=AKAmf-ArzBjdPoVyXog7CqFaDrp5AMtvUHus8x3zKDJqIFjHkYhdK2Q-IEoiEAktEIBphPLVYJ4WXNnuf5fR2YxNpQI-vuV62LrkYBEovc6ndC9cZDilHufgOXM9w9_zhcBzCNtem-EASBFG_WuI_bq34IEGyJ_JV6X2fZMuUkY87i5f3rAx7wLB96Tvex3Bw6-ufulUdtFzpyLfieaYCrOwcSu8Per8_B2gdqXFZLI_9n8gTV_Nmv8VD1lAKJNSCHXRrcKmthkcTkmLnxTf_A8tm9bzh3duf7lXWf5gu25G_jcrTdvunFhMhKX6b261hngPz5mDjxp1-nZ2lx8cshdlQHC9uD-QEnQ6htxkEMftmYJiHD4V00Gu-h6mNToZvuT9FrVTZlXiUrFctNeL4NBKNywL5Uz9S5DJLwk1wUoKS7SQikQiJahtEIt76QkNI3BeLFz3qzKgPkgmJea9Lj30vA4lQhVNU2yltBVRi4-0mC0u5mzh6L63oJpRFQebl4JG_A3qsjz5IsN2um8fl-7Y-Eti9tGEMi_26q8oRORAkoDCC_3xDrhDTDMoh3H0b7nDlAo_0KiQu4gCngI3_-r95J9C0Nl9EXqW7FuugmVdJWE-DqXWYNapRG1H4gEF3iiTb6kLnoDiBW01gElDMbTvz8u8dQfHbfKHQA_AZClHSeiWiH6UIB7g33qGcWnsFZfMePsvz3SVR30-jKmwQNm3qUSddEAT0wvjJbY2hdGt2XgmQKYfdg6knk7CFxO8QFr7tlSTzqdCx_Gp41Zlvaj_Rxu7DjZbvi_QdbaniuYzDw8iojNWvSxoM6Cpe8pNVA8RpyvWSvxtMvmfQ9DSDs3_20BfkdUBbiuqcc3eJZQnxVCxPKoD2Q_k77lTJ6NVG7xmI0kAcmwGHPIzv8z_6V1uhW0w17-Xwp_3UvThUL97jvwf3-_LSRt5VQ1TZ99gSEeLQyrV6N2LjDqRZAXaP8QtjNbazg0jNB25MzTVFTKG7yijVQolPdsXloRb2EdUmffusbqaDrwEU_v_5J3u3FzxdL3H4NhsuTHnYCodtmQ847AU-_Z_takLvmN2blDHNfaNWSW2Xxap4BU3l0Q4GUoP0cn-NDRzpHxGipjdNjg7Ed7Jf_cAUbw0y6FmeTwhkycVIzNCYFMXxcbwBZG92agw7ikzPHkftd61j7TTJiWWo3TQt6ryx4YDW3-Z5Fn-6XHvf2gu8JGYbbFA8xlK3BBP6_p7D5x882ekCIDGz_px_rB7rvSbhkQ8TTE5jFj5BYS9T8M1BHXGOQ0e3FKMizw3aL5ItGSNj7GuSbzhD97Ng3APOW3P5TmlUVbCilhRbxhzEiq67JK4Un2MA5HSlY2vefSFhfBV96U9T162b-v8tyYrC4_gPW8tFpMjKzKecLNlyu7dWqT9we01uwe94tritZxAhkEilP_vCqS0XuJF4nZv77bjMLpwz7o7gszkqrrVW4_Xko2k0brUffV8m3ISRB7phUFv9D-6HvCMdXwvv2nEkPR2cuJM904pijWWmyaIFsFbHfpQYIobR2R3zAaQfuqprSTQZd58CwZX6PmCFHbRppFC2nSQ9KWhGcQAgwaJ8QhQ5kZZNxmkF8qlMsiiVcFNoA04BYB1NLEMuEWQGo2Nqhl-O8qfEroA7gq3H0JyzaUltxNBg-UeZyAmO7G72dm95vYYdQPVJ-bk_RTEx7X21ZBwB8piwSqHrbUrHXXdanI6vJVd6gUBWWcnbM6NyjC7CFOyG6G-T03McYBS88LPDW-SLZ1xrZ608s1qkm-FYoBhbMDi14Jr7MBeWuQFpLED4ElnmXxcQv336p1XqE499cSL95DXOnGnE5exYuZDDOnSUfGeRID2kMTZBucUrMq_49xrRib96DFTd6SOgXim3C3yDzYu0huUgYyj3IxEcb2Vk4VW5rIiGNgTTQ-K4Fr9eI0SptkVnK4Km4S6wi_8R6HJ2qc5Fqi2NCNjkAO10mTl6JjShq0BKX4F5hwaTnI_ZpiuH0v_vTeuxqsmm_txzIOc3ctAy8CdDhIuBmqtGdhYZ5F0V7O73ICf3_HdlUkSMr2ie7OnjWGfg7ilNjzMPT5EVaO3fmxcZbOA6PQzrhabA5E8VF3jfclU_z-j3qCdZgr0P44mQd1SMDsw0MsVM1oGvbvJVa8Y7PVx29YDMXs6LAUgb_f748zP-wlDpLw9vZPYL2VKxRrYkFqqZODBch8iXmUgTc4kG7RdMD01TAJyBtfSVzq9OyToYldR1CR0epnwsL0ID6xWN7AKGLYk0uCeWr96X32A_ANdHwJZB4jclPkQH0QpDIezhaV4TcbTHtnwObQCKslDx0RhOka70Mj56tWFeUq0PC7DP8rGGTvg_-E4SyUenFJxwPSuwVgoTDSnniRzq6H1KjmTIzI-SAZSxXqAcOwIU4-G3Ld9EP1HkOoxtk8dRdDGEZHpCBke-Dm5PTXB8tPeWQfGmlhA8-lgXj4gFoDefMIrsFQ-yrvIkt-rWOKE4f4XfLuwrJkYPXGQQnhXOW03iejanlneV4lQ3pxq24JqxilDsVHoivSBxB5PIo3nbEqhEvhpQJaMncyfvGAisryOiPHRGWaS656-D5SsKAs1TYR09U2uHTvFzAfiQv8x-ewwm2sDKQT3JWMerv3YF5sfZ87IJVGrhElHcp0hOXgPCPDkW-ve2aNZLE9s0dcDQiAPETtexQcxLblMXwzTTRy8rFNhp6h3bc6hoKyyYSwrkSDLzfNZkRyiQ2zezijb2dL4jEOETiTnBsadtOOQUDh5l_HWLUPpB2bc5SpnKcUXGdiNeaQkAayXkoVh2OlvD8LE2IY4RxXz4th8m9ZdZ-qwbh5YA7DZV42pGwQTAFOJh2bQb7_8N9f17rphewje-FdzyckPtGa66-0LbYNg7MoMdyIWNH55v3_dvQjFm3Fg6fo_B4-vRQg-W5Re4qU0KcNqmIYy6Q9K6jcvWzUJPUo1rQcIk6DgS7z7jNQmejH7JfARBggXIxKiweppIzcm-l06VuVK8lSKP0WE5d6iYnipDoqmsFeTNpjukSKDdOIF1qTIjmvwgQ5Y037zx919YFrYoWV0m1FU27-p24P3OguxqukR6XuuN6q3W_M_qYOSdfSBS5PM7I126tpT1hijvdFwHmEBkIJvu41pDOvPZtEsaCziKadPapKmSFyDjvAw6T2cBY6scxHjtV7v_y9OoLksb2TFu1J1M-2tK-AvHxFzJJ0o2EsaJiDuiQtNmaGRAn8b76uMnk5b2V0GngjbnykxsU6hTMoXrBftXGtMJPgiH4MK945r-1r4X4EaT43AIDSHQqM79EBR8KGRGZsjqIbaocD_s_5ojWXDBPlRXfI5_mDPNHdC047NIoMxlIY_ss7GmeVb-3SLsvEb3V9h6kmiA_oa0C4n8lUUg2zJtJxESE0b3t6litRx_rQNnr_qYputvrPB0l4Sh435rGZO3diEGDlCrng4LgEwh19-d2XjTRNbIhmYgyWPBfW214fVOwM17voFmKVUPgtu7F0r2nyrshyTWbW549AfexedDzXQCnpGZ6j_vgki0-DPH7y_O2S-D_QbqqB8rMpp&cid=CAASEuRolboETAhBYMjjumn4YPCeKQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 15 Jul 2022 04:42:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 34CB 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8ymRFZ388SIIJLUqtd9GddXaa2QTNny0U1f-Yfm-7kePR2dYN2LZ3mvZudwghsub5sW83XyiP1bX6kpkaaG6xaeMZ3_ueDr0BG-On7vkWKN4Wc_NFS3JkdUPsY05k5HKWyKOYextZMRmsU1YDftzFD-t3BA&cry=1&dbm_d=AKAmf-ArzBjdPoVyXog7CqFaDrp5AMtvUHus8x3zKDJqIFjHkYhdK2Q-IEoiEAktEIBphPLVYJ4WXNnuf5fR2YxNpQI-vuV62LrkYBEovc6ndC9cZDilHufgOXM9w9_zhcBzCNtem-EASBFG_WuI_bq34IEGyJ_JV6X2fZMuUkY87i5f3rAx7wLB96Tvex3Bw6-ufulUdtFzpyLfieaYCrOwcSu8Per8_B2gdqXFZLI_9n8gTV_Nmv8VD1lAKJNSCHXRrcKmthkcTkmLnxTf_A8tm9bzh3duf7lXWf5gu25G_jcrTdvunFhMhKX6b261hngPz5mDjxp1-nZ2lx8cshdlQHC9uD-QEnQ6htxkEMftmYJiHD4V00Gu-h6mNToZvuT9FrVTZlXiUrFctNeL4NBKNywL5Uz9S5DJLwk1wUoKS7SQikQiJahtEIt76QkNI3BeLFz3qzKgPkgmJea9Lj30vA4lQhVNU2yltBVRi4-0mC0u5mzh6L63oJpRFQebl4JG_A3qsjz5IsN2um8fl-7Y-Eti9tGEMi_26q8oRORAkoDCC_3xDrhDTDMoh3H0b7nDlAo_0KiQu4gCngI3_-r95J9C0Nl9EXqW7FuugmVdJWE-DqXWYNapRG1H4gEF3iiTb6kLnoDiBW01gElDMbTvz8u8dQfHbfKHQA_AZClHSeiWiH6UIB7g33qGcWnsFZfMePsvz3SVR30-jKmwQNm3qUSddEAT0wvjJbY2hdGt2XgmQKYfdg6knk7CFxO8QFr7tlSTzqdCx_Gp41Zlvaj_Rxu7DjZbvi_QdbaniuYzDw8iojNWvSxoM6Cpe8pNVA8RpyvWSvxtMvmfQ9DSDs3_20BfkdUBbiuqcc3eJZQnxVCxPKoD2Q_k77lTJ6NVG7xmI0kAcmwGHPIzv8z_6V1uhW0w17-Xwp_3UvThUL97jvwf3-_LSRt5VQ1TZ99gSEeLQyrV6N2LjDqRZAXaP8QtjNbazg0jNB25MzTVFTKG7yijVQolPdsXloRb2EdUmffusbqaDrwEU_v_5J3u3FzxdL3H4NhsuTHnYCodtmQ847AU-_Z_takLvmN2blDHNfaNWSW2Xxap4BU3l0Q4GUoP0cn-NDRzpHxGipjdNjg7Ed7Jf_cAUbw0y6FmeTwhkycVIzNCYFMXxcbwBZG92agw7ikzPHkftd61j7TTJiWWo3TQt6ryx4YDW3-Z5Fn-6XHvf2gu8JGYbbFA8xlK3BBP6_p7D5x882ekCIDGz_px_rB7rvSbhkQ8TTE5jFj5BYS9T8M1BHXGOQ0e3FKMizw3aL5ItGSNj7GuSbzhD97Ng3APOW3P5TmlUVbCilhRbxhzEiq67JK4Un2MA5HSlY2vefSFhfBV96U9T162b-v8tyYrC4_gPW8tFpMjKzKecLNlyu7dWqT9we01uwe94tritZxAhkEilP_vCqS0XuJF4nZv77bjMLpwz7o7gszkqrrVW4_Xko2k0brUffV8m3ISRB7phUFv9D-6HvCMdXwvv2nEkPR2cuJM904pijWWmyaIFsFbHfpQYIobR2R3zAaQfuqprSTQZd58CwZX6PmCFHbRppFC2nSQ9KWhGcQAgwaJ8QhQ5kZZNxmkF8qlMsiiVcFNoA04BYB1NLEMuEWQGo2Nqhl-O8qfEroA7gq3H0JyzaUltxNBg-UeZyAmO7G72dm95vYYdQPVJ-bk_RTEx7X21ZBwB8piwSqHrbUrHXXdanI6vJVd6gUBWWcnbM6NyjC7CFOyG6G-T03McYBS88LPDW-SLZ1xrZ608s1qkm-FYoBhbMDi14Jr7MBeWuQFpLED4ElnmXxcQv336p1XqE499cSL95DXOnGnE5exYuZDDOnSUfGeRID2kMTZBucUrMq_49xrRib96DFTd6SOgXim3C3yDzYu0huUgYyj3IxEcb2Vk4VW5rIiGNgTTQ-K4Fr9eI0SptkVnK4Km4S6wi_8R6HJ2qc5Fqi2NCNjkAO10mTl6JjShq0BKX4F5hwaTnI_ZpiuH0v_vTeuxqsmm_txzIOc3ctAy8CdDhIuBmqtGdhYZ5F0V7O73ICf3_HdlUkSMr2ie7OnjWGfg7ilNjzMPT5EVaO3fmxcZbOA6PQzrhabA5E8VF3jfclU_z-j3qCdZgr0P44mQd1SMDsw0MsVM1oGvbvJVa8Y7PVx29YDMXs6LAUgb_f748zP-wlDpLw9vZPYL2VKxRrYkFqqZODBch8iXmUgTc4kG7RdMD01TAJyBtfSVzq9OyToYldR1CR0epnwsL0ID6xWN7AKGLYk0uCeWr96X32A_ANdHwJZB4jclPkQH0QpDIezhaV4TcbTHtnwObQCKslDx0RhOka70Mj56tWFeUq0PC7DP8rGGTvg_-E4SyUenFJxwPSuwVgoTDSnniRzq6H1KjmTIzI-SAZSxXqAcOwIU4-G3Ld9EP1HkOoxtk8dRdDGEZHpCBke-Dm5PTXB8tPeWQfGmlhA8-lgXj4gFoDefMIrsFQ-yrvIkt-rWOKE4f4XfLuwrJkYPXGQQnhXOW03iejanlneV4lQ3pxq24JqxilDsVHoivSBxB5PIo3nbEqhEvhpQJaMncyfvGAisryOiPHRGWaS656-D5SsKAs1TYR09U2uHTvFzAfiQv8x-ewwm2sDKQT3JWMerv3YF5sfZ87IJVGrhElHcp0hOXgPCPDkW-ve2aNZLE9s0dcDQiAPETtexQcxLblMXwzTTRy8rFNhp6h3bc6hoKyyYSwrkSDLzfNZkRyiQ2zezijb2dL4jEOETiTnBsadtOOQUDh5l_HWLUPpB2bc5SpnKcUXGdiNeaQkAayXkoVh2OlvD8LE2IY4RxXz4th8m9ZdZ-qwbh5YA7DZV42pGwQTAFOJh2bQb7_8N9f17rphewje-FdzyckPtGa66-0LbYNg7MoMdyIWNH55v3_dvQjFm3Fg6fo_B4-vRQg-W5Re4qU0KcNqmIYy6Q9K6jcvWzUJPUo1rQcIk6DgS7z7jNQmejH7JfARBggXIxKiweppIzcm-l06VuVK8lSKP0WE5d6iYnipDoqmsFeTNpjukSKDdOIF1qTIjmvwgQ5Y037zx919YFrYoWV0m1FU27-p24P3OguxqukR6XuuN6q3W_M_qYOSdfSBS5PM7I126tpT1hijvdFwHmEBkIJvu41pDOvPZtEsaCziKadPapKmSFyDjvAw6T2cBY6scxHjtV7v_y9OoLksb2TFu1J1M-2tK-AvHxFzJJ0o2EsaJiDuiQtNmaGRAn8b76uMnk5b2V0GngjbnykxsU6hTMoXrBftXGtMJPgiH4MK945r-1r4X4EaT43AIDSHQqM79EBR8KGRGZsjqIbaocD_s_5ojWXDBPlRXfI5_mDPNHdC047NIoMxlIY_ss7GmeVb-3SLsvEb3V9h6kmiA_oa0C4n8lUUg2zJtJxESE0b3t6litRx_rQNnr_qYputvrPB0l4Sh435rGZO3diEGDlCrng4LgEwh19-d2XjTRNbIhmYgyWPBfW214fVOwM17voFmKVUPgtu7F0r2nyrshyTWbW549AfexedDzXQCnpGZ6j_vgki0-DPH7y_O2S-D_QbqqB8rMpp&cid=CAASEuRolboETAhBYMjjumn4YPCeKQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152194
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Jul 2023 10:25:41 GMT
4568265682230405018
s0.2mdn.net/simgad/ Frame 34CB 		117 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4568265682230405018
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112188&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_15007199967767714%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253De042d1bb27a551c6dce6ae9c57cb1edd&wgl=1&dt=1657860134716&bpp=14&bdt=307&idt=185&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&correlator=1989006315182&frm=22&ife=1&pv=2&ga_vid=312782414.1657860135&ga_sid=1657860135&ga_hid=1346745249&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=3162089807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068106%2C31068419%2C44768689&oid=2&pvsid=699737011385212&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.vzvnrzxcie2z&fsb=1&xpc=86z9VKqpSl&p=https%3A//file.adpartner.pro&dtd=203
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4ff7c94b39d2917f7a4698ad6fb513e2d832716a88f8187da948aef42dbefcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 21:04:47 GMT
x-content-type-options
nosniff
age
373048
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119449
x-xss-protection
0
last-modified
Mon, 18 Apr 2022 11:06:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 10 Jul 2023 21:04:47 GMT
18101263895937959033
tpc.googlesyndication.com/simgad/ Frame 3943 		149 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18101263895937959033
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820319&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860134802&bpp=12&bdt=290&idt=164&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8765206329774&frm=8&ife=1&pv=2&ga_vid=1818282951.1657860135&ga_sid=1657860135&ga_hid=460659725&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3469347216&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067527%2C31068380%2C42531607%2C31064019&oid=2&pvsid=3234578668043569&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.5rtng8mh6f8r&fsb=1&dtd=180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46cda8809a5a0fc58808ff6bfc903b67f678b9d52a672f549070d0caf775e856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 22:29:56 GMT
x-content-type-options
nosniff
age
195139
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
152507
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 15:34:56 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 12 Jul 2023 22:29:56 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame 3943 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820319&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860134802&bpp=12&bdt=290&idt=164&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8765206329774&frm=8&ife=1&pv=2&ga_vid=1818282951.1657860135&ga_sid=1657860135&ga_hid=460659725&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3469347216&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067527%2C31068380%2C42531607%2C31064019&oid=2&pvsid=3234578668043569&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.5rtng8mh6f8r&fsb=1&dtd=180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1017
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Jul 2022 04:25:18 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 3943 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820319&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860134802&bpp=12&bdt=290&idt=164&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8765206329774&frm=8&ife=1&pv=2&ga_vid=1818282951.1657860135&ga_sid=1657860135&ga_hid=460659725&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3469347216&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067527%2C31068380%2C42531607%2C31064019&oid=2&pvsid=3234578668043569&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.5rtng8mh6f8r&fsb=1&dtd=180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:06:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Jul 2022 04:06:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3943 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820319&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860134802&bpp=12&bdt=290&idt=164&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8765206329774&frm=8&ife=1&pv=2&ga_vid=1818282951.1657860135&ga_sid=1657860135&ga_hid=460659725&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3469347216&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067527%2C31068380%2C42531607%2C31064019&oid=2&pvsid=3234578668043569&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.5rtng8mh6f8r&fsb=1&dtd=180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43266
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1657539323716025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Jul 2022 04:42:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 3943 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820319&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860134802&bpp=12&bdt=290&idt=164&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8765206329774&frm=8&ife=1&pv=2&ga_vid=1818282951.1657860135&ga_sid=1657860135&ga_hid=460659725&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3469347216&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067527%2C31068380%2C42531607%2C31064019&oid=2&pvsid=3234578668043569&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.5rtng8mh6f8r&fsb=1&dtd=180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:38:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Jul 2022 04:38:03 GMT
l
www.google.com/ads/measurement/ Frame 3943 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQOlIPcsxc6N5P_VfJVR9L6MJYr3y7CLsblKrnU1HEf8LEmHFsGt8T6QwPzb2Dacb0mmU-kItRcgI4Bin-kG3iTc1lMAw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820319&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860134802&bpp=12&bdt=290&idt=164&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8765206329774&frm=8&ife=1&pv=2&ga_vid=1818282951.1657860135&ga_sid=1657860135&ga_hid=460659725&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3469347216&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067527%2C31068380%2C42531607%2C31064019&oid=2&pvsid=3234578668043569&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.5rtng8mh6f8r&fsb=1&dtd=180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 3943 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820319&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860134802&bpp=12&bdt=290&idt=164&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8765206329774&frm=8&ife=1&pv=2&ga_vid=1818282951.1657860135&ga_sid=1657860135&ga_hid=460659725&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3469347216&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067527%2C31068380%2C42531607%2C31064019&oid=2&pvsid=3234578668043569&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.5rtng8mh6f8r&fsb=1&dtd=180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9085e1f699b839818a039641053e183e0b22407d6bfaef8d5a3866ec42d682b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 01:24:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11868
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12985
x-xss-protection
0
server
cafe
etag
7466239315051897255
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Jul 2022 01:24:27 GMT
4568265682230405018
s0.2mdn.net/simgad/ Frame FF23 		117 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4568265682230405018
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DXpZfkYllHBYNFhM7dowsvZMV0fLnlcau-LZdj885gx05sDy_HeIaEOPQ6fXnwBMZY_J6j485t9EHmD1c3UuickNbWQhsi4BN-s1U2nr539BLqhF3EydOhcRvGfvMBwxFcSBbdm76ZpNaLOlsB0HYCUWsI8Q&cry=1&dbm_d=AKAmf-ABb4CMDxfH0GvSoIXIM61fxCQd6a-vuTUuN9qKAvMGdSTOtAvJ0PW12P0s8VxDOStMF7S4lLxjvmQzQv7vkZ-fUR3-Tl48NeCsIYUXMhvsEn5JbAqenghCiQltO8-LA80XoN-r-BXBx4pVfOGltiX8RK-nfYkCVJThUJt9hotF9N1tEyRONNOXaMneTK2HjkJMVGOrwPjimnxEOqYx6MzzybHX8Nf6RRZzV8QhWABD2ZNr9J6yaRnm21aop769udPOUWTAcMAPEcDMUbktPnKkD5DJUj6nJJnsVvTVxVKZQ3wl5FtJePQklJ7dIXSEhq6zsRPxcJ6vS6JruP1sIvdK-OxKyJt9wmFk2XRvbFv3NXI3Nk3dEK41k69NzurBM18UGrdXpg4sqn80twiEDY9DEPWULkvycM1Nt3_NjNFZKcCkg0VC8W48gURR-34UqbXyxpnWLIqngW0wwozBnC8yrGfMWsCR-1fOTdqNskw87kQ0FyoT0Ez8agBQTdFbmFMYSTkBlUbkLNNgXgL4d-sKMCxQM2STQl1MrDRBVRpui4bNurjbGv_gQpkRWruMkPlkOe9RShu_wUGpT5VVknzYDrVM4MYUXiy4uGc7-YmJ6rsNkCAZGd1HKJbB55KB7UBKN29m69UqqBiA9kkOedh43BbvYmYoQBBaxpL5fg5rp6BzktX7Od1lJGUgYXuy4Ht_tvBQz8zq-TJCXDMWKoBrDlquuX7Fr1ik2ER0fkttdgsUQgsoU5J5r-HZ_Tq5mlGOZ6xFsEPtgIkMhax5elzy7Qua3NJYeB26llgiHl42Ja6PYy98p5wwgFFqdbThQBKhXc66te52vSNu7DhP35dqoVQSFfD0Eam7G0qRnvPSD3wAD4todX4QRNb-UO4hRP4e4mDVainf-Hsem2_WlqFknSQYAVxXS_hOiCwLHXneOzfnINaa6c2jaLLyIG7B2cZ3gjbDO6NYwcJOK9tnn6a1s20xCZvcZM9a2sI_QerHAjpq-SAZMJYXi4Tg5yHOILzgCSNOu1zE9TRQYtONsq10cj_WpKia2VnmMvnGP7se-i-VgcE8f3igaIDQGFf5cSFs3RPgqIL_rDpqExQGu5VeMPAIDMPnliYOFSK3QEQT0GZ4kTbyRjsHvNV6UK5X3CA512no5jGZ0-kAZ6JKE1ChCLanygGms9wNprpkGLY63hD7vP3Qlofprece8TLIRhHf3fAnebJw5vAKkGO8N9I1N7CaF7DRxgfWGiAYVDV7T17_vlqLe84eaeFtTfKXZPZCM-nDta_Ktr_FaDvhW6uA_ElG9vrjnAjwzZycX9HRnVNTaeiebLKzeuf52gibXRlwqEkupWoDtAFfoQHFtUsCyZkc9D_rui7mh6TaT9SQsIXi3TjTTWTqZONSuqnIN1dH9ceuifqmO0_Rl0a-TGp12AYvT6gf_uXGnX9dtVixSALKgwU7UpH_Nz7zsuoP0fnRJvUKwnWCAo9BAeO8Ul3h_btXdKYX-PFubhKPqZFVrvLk56SH_Zaawpir-Inj0_uT0UfRZhorYDtzqYaEZc55oVGycsca0zPZcifyRjuRGe6TeBorg2FBSer7s9ThlYD7pMtAKBmn3F4DoEfJJCkHdTcsSCpd-Bk5skohc-7OaiK5opyo06h85nUVwrAApoCWXcwL9KQwUxnj355stHQMwa00HJFSNXmoiLK7MCc0y8P61PN3HGQ_3U4u9bT08PSynCTSVkUTY-zMnubhEZRp8LTAcqci8Vkbr7R-wHt23OF_L-ggymlEjKNNoPbfNGmSGCN4HaXG6AVSnkKDV7Qd5fB8qc1OtlulvLqxizSzufvuddzuMzws7L-n4QB7hh3WEGo1Z2XotLgW9oUeCvlflIsLscPO-iwNFcSEPEjBSufGbf19UeQe-d7DTGezc4FIg4dxAwvJM1pzb7mGm6guK26EFBSk6QdHz05B28oPVJVeVgkqzIvb49Rjd5Psc_9zifKZ82zbntYOHgTEPbOSmSa3bRbg2ypShdw7tz-a3ae6G3I4CnqygpiCksCtUT3cPk31vxmbfN93i5LqFeXjy5p1m63dqRFIBNlpd5-jODVrccTr3bQy66Znbql9oT5lA59ZOIrovcnH24ing7NPpIFPPFFK0dLx_3WQ3tyEqON3bv11K4eK_nvo9m_7vN90EJHd10fu84pvJbhRsjTwTEChnB1JjDPbrdqOK5RLcCLi70-sovxSnrA3g1aSIdXEIAx81Mcm-2TBuCA7ANNg9iHYFKZ7B62W2vrQyDADPT4rPXwNzqJVHwwg_SpkojFqua-2l0OXtbsqwthVTRwM8S2zuJXEqc72Gu4bH718-IIERAzsHt9rbe7pzJ4Cwqie8y_tVUYrRmg5tdkmiiDct0zjCNDfg99X4ZEirWwgH12XVz8tqj1XH58WqFV2TVbln7jsEXQwAGIDfAiY3tX6flrk3AbtYcEi95Eq6cPjKTT6hu2LnCexZcf7kdcb4cb1XhryQCfxJdAUgXutz68LjzpB3UuXt037FSSfm30QxyKq6CHbJrkOveq4aqVFZXnx_UlsXQQBcXz03EZsz6OKI66y7quDfjmpNiY0Q8kczVJrkjDE40jTp_6EZ8yHeUCHTyadulcRsTWJqne6I_s2ol9Qcpa4KB0tzuNq88xyQ3vEqLx_24rV1NQIkxdvVbbMRSaXK9Tq2XPvWhcWw9ZX1Zyq1m0ArpARMeqPkdOUjbAdBsSCpnFmXrsrBN9t88GC40lQh8qBa_HRDmixdUp3Q1WMWf6d295SoSwsgKF1PVz59-63UteagjRsmuFLERKjZ2mMmQjRiuw1wUY7ckHrgQ2PLxXIcewiPDAbMCc6y2_1-3mmTbZPR8Dbj2PrkxjVyyd6Pxcyx3J_VAodLOF3VGbMR5lNrYSdE-wDNnUxBQiyeSqd1zM56RlKuJuUdinUrTdjIUoNoohkdIHmQmkCGYhvwawwu4P5LePRxjnSL39d6Wc8t35IbL65czSnEvu85MrHuJwCxftyoqEf1ulkaK6Qori0Ku6Hi8wlfGgHs-b9rzWX4WNMtkcW4t4xyo4AhcPnpyOJPs3ikQjxNgkQpY_nxX4sNXEQ4FfOJXVGEuqgmqV0nEETc1DPO38VqJYBB2ukONGX25S7GSZVbG9buSUS7s-2JS4Z6ZfSlgLs7U_y0U_IgAjtlwojNANkMlLRbsr0P6JRydY7Q6SQQ04KR8h-SMORYtQF8fSBkjbwzSsrs0blyRzJ9kFhUQpoBgSV6M1KKJjC_qE3ny4Vowqt99Nb60pzWLC6ykTkV7AYbT7olMxVnBO0yNPKkIwN9XIes3Pqw-xzW9ua0gjmft_jNjAAjUq5tMrx-a9u9XdSNVmCAyUXx0G7GNCgbvQHT2KF0TonyDhOzSUsePYqGQTU4h0IKrKMzeG72ewisEUTErsaHbumvTtMamMVNuIh60hf4pTY9IwkUez2BhHn2xP5blhNJtTvoZ1esY3fciWhRB-lB7wf7wiT1HiOtW-qckUsgvlMWKnVoMR1WUT6TqSqEnrsC0H69OeOwZqXvGtpJ0sQDJuh3_nknWzWV95whlg6OSvG&cid=CAASEuRo3NhDHifqncH0I9I5WJsUng&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4ff7c94b39d2917f7a4698ad6fb513e2d832716a88f8187da948aef42dbefcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 21:04:47 GMT
x-content-type-options
nosniff
age
373048
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119449
x-xss-protection
0
last-modified
Mon, 18 Apr 2022 11:06:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 10 Jul 2023 21:04:47 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame FF23 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DXpZfkYllHBYNFhM7dowsvZMV0fLnlcau-LZdj885gx05sDy_HeIaEOPQ6fXnwBMZY_J6j485t9EHmD1c3UuickNbWQhsi4BN-s1U2nr539BLqhF3EydOhcRvGfvMBwxFcSBbdm76ZpNaLOlsB0HYCUWsI8Q&cry=1&dbm_d=AKAmf-ABb4CMDxfH0GvSoIXIM61fxCQd6a-vuTUuN9qKAvMGdSTOtAvJ0PW12P0s8VxDOStMF7S4lLxjvmQzQv7vkZ-fUR3-Tl48NeCsIYUXMhvsEn5JbAqenghCiQltO8-LA80XoN-r-BXBx4pVfOGltiX8RK-nfYkCVJThUJt9hotF9N1tEyRONNOXaMneTK2HjkJMVGOrwPjimnxEOqYx6MzzybHX8Nf6RRZzV8QhWABD2ZNr9J6yaRnm21aop769udPOUWTAcMAPEcDMUbktPnKkD5DJUj6nJJnsVvTVxVKZQ3wl5FtJePQklJ7dIXSEhq6zsRPxcJ6vS6JruP1sIvdK-OxKyJt9wmFk2XRvbFv3NXI3Nk3dEK41k69NzurBM18UGrdXpg4sqn80twiEDY9DEPWULkvycM1Nt3_NjNFZKcCkg0VC8W48gURR-34UqbXyxpnWLIqngW0wwozBnC8yrGfMWsCR-1fOTdqNskw87kQ0FyoT0Ez8agBQTdFbmFMYSTkBlUbkLNNgXgL4d-sKMCxQM2STQl1MrDRBVRpui4bNurjbGv_gQpkRWruMkPlkOe9RShu_wUGpT5VVknzYDrVM4MYUXiy4uGc7-YmJ6rsNkCAZGd1HKJbB55KB7UBKN29m69UqqBiA9kkOedh43BbvYmYoQBBaxpL5fg5rp6BzktX7Od1lJGUgYXuy4Ht_tvBQz8zq-TJCXDMWKoBrDlquuX7Fr1ik2ER0fkttdgsUQgsoU5J5r-HZ_Tq5mlGOZ6xFsEPtgIkMhax5elzy7Qua3NJYeB26llgiHl42Ja6PYy98p5wwgFFqdbThQBKhXc66te52vSNu7DhP35dqoVQSFfD0Eam7G0qRnvPSD3wAD4todX4QRNb-UO4hRP4e4mDVainf-Hsem2_WlqFknSQYAVxXS_hOiCwLHXneOzfnINaa6c2jaLLyIG7B2cZ3gjbDO6NYwcJOK9tnn6a1s20xCZvcZM9a2sI_QerHAjpq-SAZMJYXi4Tg5yHOILzgCSNOu1zE9TRQYtONsq10cj_WpKia2VnmMvnGP7se-i-VgcE8f3igaIDQGFf5cSFs3RPgqIL_rDpqExQGu5VeMPAIDMPnliYOFSK3QEQT0GZ4kTbyRjsHvNV6UK5X3CA512no5jGZ0-kAZ6JKE1ChCLanygGms9wNprpkGLY63hD7vP3Qlofprece8TLIRhHf3fAnebJw5vAKkGO8N9I1N7CaF7DRxgfWGiAYVDV7T17_vlqLe84eaeFtTfKXZPZCM-nDta_Ktr_FaDvhW6uA_ElG9vrjnAjwzZycX9HRnVNTaeiebLKzeuf52gibXRlwqEkupWoDtAFfoQHFtUsCyZkc9D_rui7mh6TaT9SQsIXi3TjTTWTqZONSuqnIN1dH9ceuifqmO0_Rl0a-TGp12AYvT6gf_uXGnX9dtVixSALKgwU7UpH_Nz7zsuoP0fnRJvUKwnWCAo9BAeO8Ul3h_btXdKYX-PFubhKPqZFVrvLk56SH_Zaawpir-Inj0_uT0UfRZhorYDtzqYaEZc55oVGycsca0zPZcifyRjuRGe6TeBorg2FBSer7s9ThlYD7pMtAKBmn3F4DoEfJJCkHdTcsSCpd-Bk5skohc-7OaiK5opyo06h85nUVwrAApoCWXcwL9KQwUxnj355stHQMwa00HJFSNXmoiLK7MCc0y8P61PN3HGQ_3U4u9bT08PSynCTSVkUTY-zMnubhEZRp8LTAcqci8Vkbr7R-wHt23OF_L-ggymlEjKNNoPbfNGmSGCN4HaXG6AVSnkKDV7Qd5fB8qc1OtlulvLqxizSzufvuddzuMzws7L-n4QB7hh3WEGo1Z2XotLgW9oUeCvlflIsLscPO-iwNFcSEPEjBSufGbf19UeQe-d7DTGezc4FIg4dxAwvJM1pzb7mGm6guK26EFBSk6QdHz05B28oPVJVeVgkqzIvb49Rjd5Psc_9zifKZ82zbntYOHgTEPbOSmSa3bRbg2ypShdw7tz-a3ae6G3I4CnqygpiCksCtUT3cPk31vxmbfN93i5LqFeXjy5p1m63dqRFIBNlpd5-jODVrccTr3bQy66Znbql9oT5lA59ZOIrovcnH24ing7NPpIFPPFFK0dLx_3WQ3tyEqON3bv11K4eK_nvo9m_7vN90EJHd10fu84pvJbhRsjTwTEChnB1JjDPbrdqOK5RLcCLi70-sovxSnrA3g1aSIdXEIAx81Mcm-2TBuCA7ANNg9iHYFKZ7B62W2vrQyDADPT4rPXwNzqJVHwwg_SpkojFqua-2l0OXtbsqwthVTRwM8S2zuJXEqc72Gu4bH718-IIERAzsHt9rbe7pzJ4Cwqie8y_tVUYrRmg5tdkmiiDct0zjCNDfg99X4ZEirWwgH12XVz8tqj1XH58WqFV2TVbln7jsEXQwAGIDfAiY3tX6flrk3AbtYcEi95Eq6cPjKTT6hu2LnCexZcf7kdcb4cb1XhryQCfxJdAUgXutz68LjzpB3UuXt037FSSfm30QxyKq6CHbJrkOveq4aqVFZXnx_UlsXQQBcXz03EZsz6OKI66y7quDfjmpNiY0Q8kczVJrkjDE40jTp_6EZ8yHeUCHTyadulcRsTWJqne6I_s2ol9Qcpa4KB0tzuNq88xyQ3vEqLx_24rV1NQIkxdvVbbMRSaXK9Tq2XPvWhcWw9ZX1Zyq1m0ArpARMeqPkdOUjbAdBsSCpnFmXrsrBN9t88GC40lQh8qBa_HRDmixdUp3Q1WMWf6d295SoSwsgKF1PVz59-63UteagjRsmuFLERKjZ2mMmQjRiuw1wUY7ckHrgQ2PLxXIcewiPDAbMCc6y2_1-3mmTbZPR8Dbj2PrkxjVyyd6Pxcyx3J_VAodLOF3VGbMR5lNrYSdE-wDNnUxBQiyeSqd1zM56RlKuJuUdinUrTdjIUoNoohkdIHmQmkCGYhvwawwu4P5LePRxjnSL39d6Wc8t35IbL65czSnEvu85MrHuJwCxftyoqEf1ulkaK6Qori0Ku6Hi8wlfGgHs-b9rzWX4WNMtkcW4t4xyo4AhcPnpyOJPs3ikQjxNgkQpY_nxX4sNXEQ4FfOJXVGEuqgmqV0nEETc1DPO38VqJYBB2ukONGX25S7GSZVbG9buSUS7s-2JS4Z6ZfSlgLs7U_y0U_IgAjtlwojNANkMlLRbsr0P6JRydY7Q6SQQ04KR8h-SMORYtQF8fSBkjbwzSsrs0blyRzJ9kFhUQpoBgSV6M1KKJjC_qE3ny4Vowqt99Nb60pzWLC6ykTkV7AYbT7olMxVnBO0yNPKkIwN9XIes3Pqw-xzW9ua0gjmft_jNjAAjUq5tMrx-a9u9XdSNVmCAyUXx0G7GNCgbvQHT2KF0TonyDhOzSUsePYqGQTU4h0IKrKMzeG72ewisEUTErsaHbumvTtMamMVNuIh60hf4pTY9IwkUez2BhHn2xP5blhNJtTvoZ1esY3fciWhRB-lB7wf7wiT1HiOtW-qckUsgvlMWKnVoMR1WUT6TqSqEnrsC0H69OeOwZqXvGtpJ0sQDJuh3_nknWzWV95whlg6OSvG&cid=CAASEuRo3NhDHifqncH0I9I5WJsUng&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:41:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10545
x-xss-protection
0
server
cafe
etag
4672069523611413616
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Jul 2022 04:41:25 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/elements/html/ Frame FF23 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DXpZfkYllHBYNFhM7dowsvZMV0fLnlcau-LZdj885gx05sDy_HeIaEOPQ6fXnwBMZY_J6j485t9EHmD1c3UuickNbWQhsi4BN-s1U2nr539BLqhF3EydOhcRvGfvMBwxFcSBbdm76ZpNaLOlsB0HYCUWsI8Q&cry=1&dbm_d=AKAmf-ABb4CMDxfH0GvSoIXIM61fxCQd6a-vuTUuN9qKAvMGdSTOtAvJ0PW12P0s8VxDOStMF7S4lLxjvmQzQv7vkZ-fUR3-Tl48NeCsIYUXMhvsEn5JbAqenghCiQltO8-LA80XoN-r-BXBx4pVfOGltiX8RK-nfYkCVJThUJt9hotF9N1tEyRONNOXaMneTK2HjkJMVGOrwPjimnxEOqYx6MzzybHX8Nf6RRZzV8QhWABD2ZNr9J6yaRnm21aop769udPOUWTAcMAPEcDMUbktPnKkD5DJUj6nJJnsVvTVxVKZQ3wl5FtJePQklJ7dIXSEhq6zsRPxcJ6vS6JruP1sIvdK-OxKyJt9wmFk2XRvbFv3NXI3Nk3dEK41k69NzurBM18UGrdXpg4sqn80twiEDY9DEPWULkvycM1Nt3_NjNFZKcCkg0VC8W48gURR-34UqbXyxpnWLIqngW0wwozBnC8yrGfMWsCR-1fOTdqNskw87kQ0FyoT0Ez8agBQTdFbmFMYSTkBlUbkLNNgXgL4d-sKMCxQM2STQl1MrDRBVRpui4bNurjbGv_gQpkRWruMkPlkOe9RShu_wUGpT5VVknzYDrVM4MYUXiy4uGc7-YmJ6rsNkCAZGd1HKJbB55KB7UBKN29m69UqqBiA9kkOedh43BbvYmYoQBBaxpL5fg5rp6BzktX7Od1lJGUgYXuy4Ht_tvBQz8zq-TJCXDMWKoBrDlquuX7Fr1ik2ER0fkttdgsUQgsoU5J5r-HZ_Tq5mlGOZ6xFsEPtgIkMhax5elzy7Qua3NJYeB26llgiHl42Ja6PYy98p5wwgFFqdbThQBKhXc66te52vSNu7DhP35dqoVQSFfD0Eam7G0qRnvPSD3wAD4todX4QRNb-UO4hRP4e4mDVainf-Hsem2_WlqFknSQYAVxXS_hOiCwLHXneOzfnINaa6c2jaLLyIG7B2cZ3gjbDO6NYwcJOK9tnn6a1s20xCZvcZM9a2sI_QerHAjpq-SAZMJYXi4Tg5yHOILzgCSNOu1zE9TRQYtONsq10cj_WpKia2VnmMvnGP7se-i-VgcE8f3igaIDQGFf5cSFs3RPgqIL_rDpqExQGu5VeMPAIDMPnliYOFSK3QEQT0GZ4kTbyRjsHvNV6UK5X3CA512no5jGZ0-kAZ6JKE1ChCLanygGms9wNprpkGLY63hD7vP3Qlofprece8TLIRhHf3fAnebJw5vAKkGO8N9I1N7CaF7DRxgfWGiAYVDV7T17_vlqLe84eaeFtTfKXZPZCM-nDta_Ktr_FaDvhW6uA_ElG9vrjnAjwzZycX9HRnVNTaeiebLKzeuf52gibXRlwqEkupWoDtAFfoQHFtUsCyZkc9D_rui7mh6TaT9SQsIXi3TjTTWTqZONSuqnIN1dH9ceuifqmO0_Rl0a-TGp12AYvT6gf_uXGnX9dtVixSALKgwU7UpH_Nz7zsuoP0fnRJvUKwnWCAo9BAeO8Ul3h_btXdKYX-PFubhKPqZFVrvLk56SH_Zaawpir-Inj0_uT0UfRZhorYDtzqYaEZc55oVGycsca0zPZcifyRjuRGe6TeBorg2FBSer7s9ThlYD7pMtAKBmn3F4DoEfJJCkHdTcsSCpd-Bk5skohc-7OaiK5opyo06h85nUVwrAApoCWXcwL9KQwUxnj355stHQMwa00HJFSNXmoiLK7MCc0y8P61PN3HGQ_3U4u9bT08PSynCTSVkUTY-zMnubhEZRp8LTAcqci8Vkbr7R-wHt23OF_L-ggymlEjKNNoPbfNGmSGCN4HaXG6AVSnkKDV7Qd5fB8qc1OtlulvLqxizSzufvuddzuMzws7L-n4QB7hh3WEGo1Z2XotLgW9oUeCvlflIsLscPO-iwNFcSEPEjBSufGbf19UeQe-d7DTGezc4FIg4dxAwvJM1pzb7mGm6guK26EFBSk6QdHz05B28oPVJVeVgkqzIvb49Rjd5Psc_9zifKZ82zbntYOHgTEPbOSmSa3bRbg2ypShdw7tz-a3ae6G3I4CnqygpiCksCtUT3cPk31vxmbfN93i5LqFeXjy5p1m63dqRFIBNlpd5-jODVrccTr3bQy66Znbql9oT5lA59ZOIrovcnH24ing7NPpIFPPFFK0dLx_3WQ3tyEqON3bv11K4eK_nvo9m_7vN90EJHd10fu84pvJbhRsjTwTEChnB1JjDPbrdqOK5RLcCLi70-sovxSnrA3g1aSIdXEIAx81Mcm-2TBuCA7ANNg9iHYFKZ7B62W2vrQyDADPT4rPXwNzqJVHwwg_SpkojFqua-2l0OXtbsqwthVTRwM8S2zuJXEqc72Gu4bH718-IIERAzsHt9rbe7pzJ4Cwqie8y_tVUYrRmg5tdkmiiDct0zjCNDfg99X4ZEirWwgH12XVz8tqj1XH58WqFV2TVbln7jsEXQwAGIDfAiY3tX6flrk3AbtYcEi95Eq6cPjKTT6hu2LnCexZcf7kdcb4cb1XhryQCfxJdAUgXutz68LjzpB3UuXt037FSSfm30QxyKq6CHbJrkOveq4aqVFZXnx_UlsXQQBcXz03EZsz6OKI66y7quDfjmpNiY0Q8kczVJrkjDE40jTp_6EZ8yHeUCHTyadulcRsTWJqne6I_s2ol9Qcpa4KB0tzuNq88xyQ3vEqLx_24rV1NQIkxdvVbbMRSaXK9Tq2XPvWhcWw9ZX1Zyq1m0ArpARMeqPkdOUjbAdBsSCpnFmXrsrBN9t88GC40lQh8qBa_HRDmixdUp3Q1WMWf6d295SoSwsgKF1PVz59-63UteagjRsmuFLERKjZ2mMmQjRiuw1wUY7ckHrgQ2PLxXIcewiPDAbMCc6y2_1-3mmTbZPR8Dbj2PrkxjVyyd6Pxcyx3J_VAodLOF3VGbMR5lNrYSdE-wDNnUxBQiyeSqd1zM56RlKuJuUdinUrTdjIUoNoohkdIHmQmkCGYhvwawwu4P5LePRxjnSL39d6Wc8t35IbL65czSnEvu85MrHuJwCxftyoqEf1ulkaK6Qori0Ku6Hi8wlfGgHs-b9rzWX4WNMtkcW4t4xyo4AhcPnpyOJPs3ikQjxNgkQpY_nxX4sNXEQ4FfOJXVGEuqgmqV0nEETc1DPO38VqJYBB2ukONGX25S7GSZVbG9buSUS7s-2JS4Z6ZfSlgLs7U_y0U_IgAjtlwojNANkMlLRbsr0P6JRydY7Q6SQQ04KR8h-SMORYtQF8fSBkjbwzSsrs0blyRzJ9kFhUQpoBgSV6M1KKJjC_qE3ny4Vowqt99Nb60pzWLC6ykTkV7AYbT7olMxVnBO0yNPKkIwN9XIes3Pqw-xzW9ua0gjmft_jNjAAjUq5tMrx-a9u9XdSNVmCAyUXx0G7GNCgbvQHT2KF0TonyDhOzSUsePYqGQTU4h0IKrKMzeG72ewisEUTErsaHbumvTtMamMVNuIh60hf4pTY9IwkUez2BhHn2xP5blhNJtTvoZ1esY3fciWhRB-lB7wf7wiT1HiOtW-qckUsgvlMWKnVoMR1WUT6TqSqEnrsC0H69OeOwZqXvGtpJ0sQDJuh3_nknWzWV95whlg6OSvG&cid=CAASEuRo3NhDHifqncH0I9I5WJsUng&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:34:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
468
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Jul 2022 04:34:27 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FF23 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssKy7hpV-62ZiodGS-BiECIUwOPep1nSKfClIwmzkvej1M5k3vLhHogBI9ECYXRCOF8NNyTfboStZG6RqorIV6LxiD5amHWqgMraAio8pecRoCS4MDYxykvg_x4LGX7J71QiB3IZSoya0NC-8PWvpskPxJXqNh9asJegZpgC0sIhI665Pmr_Hsm752iaDol2buUzshF1oqIOaJh7ud4Ho4vnZNwAM4xVX0aWQ4KAHOjbx5I7wosiPXiLQcbVBTBpBhPu5rK1vyzAQJAppy6AF1DUnS1LKG3Lltwi8_NbISfmH1nGTHMJeb4vkO9uYHgJtbuESJ9W8SyQUF9rLgm7KgcAig95tP0RCU2L5ShGIwZz3B6qoAr7Noq18XMz7PGjgI7w9rbyNISDX973tpKEsOpW2jwpPohVv9HTVRiIIMdnNyo3q1UwaZTN-bsxtLeVRe-SBweyFUKZpbfYIxnOVIBzJpO8O-TDAezuo6IMWUD4BNGHdpcvYl2CveZcwtP_ff18jEc5oBF5Vri1-En4ImVx0msCJlxarHemSC9P61yVsmfsIodvsEgDj_GBfPWFRQqVGEF1MW1ON4bTj8-sXw2mki2nI9zC-TMXfjLsuciaFUupOx7lIWV2Cz8CID10bBD5KrHCqAijCYWYet5fJyX_tYPKjVKNuXAu1uhM8eR4DHxBmEpkvOdItoeDb1gkFwIQ2Y50LjykfK2p9ehwbVTnCtK-xTrMxLwcCSsS1Jc8rzH2hXZcRchuaNXboYTOW9ox9roM8dHOBymxpWMTIj_r-FJWPYhh3txRKO1rwMOnCFuQgnGH9_qwBlDgc5QYIxG-hJ_2OOP87Q1SsNGbIUeCF1RKkYy2s41FNgrEw6NgMo0109O5eVW5Zl7oJKiCzf0YW45R7ldhaQnUoa5zuk9TKtIgjnKOerpUN1m3zHtjYRKzobP3Ee_CNU5H7VK1h4-w0NYjUJfoYQBx5hL2ELEabGYVjuM4XQy1OspCTuUeTlEh1_zP36FlijmlRLpQlGkWAM8p7Ke6tn9sEG8wJVuo3t8PBG42Vi0h8ku162U7zjO6jpYvKhaHzAVmhw_YzCOdATXFbdFZBUYS0txoEWCct1GAoTRCAaHSZwva9tOItNjTcgUcKyv1d6WYNcIdWYjtXgvlLFBQGRVdDWQLCqExPGSI8zAkBzV_yPgWjBVFSvd8P6Ipgnorv6awKRE3g&sai=AMfl-YRKmEworgxiqrly5YEJu9Lst8mZnd8VyUiv0OjXZrGi8hMy9mmTyzqDoMBlbNBLiEQDxOAMdCL6zvT6z6vdjtbobzl0saz5dgc15yYob8aARREnLBlbXLzKCetPS2DIcrV2LUAaXDKCqxeTjl7IdwG0XUBfaw&sig=Cg0ArKJSzFvOHoryaSGNEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220707.66462&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DXpZfkYllHBYNFhM7dowsvZMV0fLnlcau-LZdj885gx05sDy_HeIaEOPQ6fXnwBMZY_J6j485t9EHmD1c3UuickNbWQhsi4BN-s1U2nr539BLqhF3EydOhcRvGfvMBwxFcSBbdm76ZpNaLOlsB0HYCUWsI8Q&cry=1&dbm_d=AKAmf-ABb4CMDxfH0GvSoIXIM61fxCQd6a-vuTUuN9qKAvMGdSTOtAvJ0PW12P0s8VxDOStMF7S4lLxjvmQzQv7vkZ-fUR3-Tl48NeCsIYUXMhvsEn5JbAqenghCiQltO8-LA80XoN-r-BXBx4pVfOGltiX8RK-nfYkCVJThUJt9hotF9N1tEyRONNOXaMneTK2HjkJMVGOrwPjimnxEOqYx6MzzybHX8Nf6RRZzV8QhWABD2ZNr9J6yaRnm21aop769udPOUWTAcMAPEcDMUbktPnKkD5DJUj6nJJnsVvTVxVKZQ3wl5FtJePQklJ7dIXSEhq6zsRPxcJ6vS6JruP1sIvdK-OxKyJt9wmFk2XRvbFv3NXI3Nk3dEK41k69NzurBM18UGrdXpg4sqn80twiEDY9DEPWULkvycM1Nt3_NjNFZKcCkg0VC8W48gURR-34UqbXyxpnWLIqngW0wwozBnC8yrGfMWsCR-1fOTdqNskw87kQ0FyoT0Ez8agBQTdFbmFMYSTkBlUbkLNNgXgL4d-sKMCxQM2STQl1MrDRBVRpui4bNurjbGv_gQpkRWruMkPlkOe9RShu_wUGpT5VVknzYDrVM4MYUXiy4uGc7-YmJ6rsNkCAZGd1HKJbB55KB7UBKN29m69UqqBiA9kkOedh43BbvYmYoQBBaxpL5fg5rp6BzktX7Od1lJGUgYXuy4Ht_tvBQz8zq-TJCXDMWKoBrDlquuX7Fr1ik2ER0fkttdgsUQgsoU5J5r-HZ_Tq5mlGOZ6xFsEPtgIkMhax5elzy7Qua3NJYeB26llgiHl42Ja6PYy98p5wwgFFqdbThQBKhXc66te52vSNu7DhP35dqoVQSFfD0Eam7G0qRnvPSD3wAD4todX4QRNb-UO4hRP4e4mDVainf-Hsem2_WlqFknSQYAVxXS_hOiCwLHXneOzfnINaa6c2jaLLyIG7B2cZ3gjbDO6NYwcJOK9tnn6a1s20xCZvcZM9a2sI_QerHAjpq-SAZMJYXi4Tg5yHOILzgCSNOu1zE9TRQYtONsq10cj_WpKia2VnmMvnGP7se-i-VgcE8f3igaIDQGFf5cSFs3RPgqIL_rDpqExQGu5VeMPAIDMPnliYOFSK3QEQT0GZ4kTbyRjsHvNV6UK5X3CA512no5jGZ0-kAZ6JKE1ChCLanygGms9wNprpkGLY63hD7vP3Qlofprece8TLIRhHf3fAnebJw5vAKkGO8N9I1N7CaF7DRxgfWGiAYVDV7T17_vlqLe84eaeFtTfKXZPZCM-nDta_Ktr_FaDvhW6uA_ElG9vrjnAjwzZycX9HRnVNTaeiebLKzeuf52gibXRlwqEkupWoDtAFfoQHFtUsCyZkc9D_rui7mh6TaT9SQsIXi3TjTTWTqZONSuqnIN1dH9ceuifqmO0_Rl0a-TGp12AYvT6gf_uXGnX9dtVixSALKgwU7UpH_Nz7zsuoP0fnRJvUKwnWCAo9BAeO8Ul3h_btXdKYX-PFubhKPqZFVrvLk56SH_Zaawpir-Inj0_uT0UfRZhorYDtzqYaEZc55oVGycsca0zPZcifyRjuRGe6TeBorg2FBSer7s9ThlYD7pMtAKBmn3F4DoEfJJCkHdTcsSCpd-Bk5skohc-7OaiK5opyo06h85nUVwrAApoCWXcwL9KQwUxnj355stHQMwa00HJFSNXmoiLK7MCc0y8P61PN3HGQ_3U4u9bT08PSynCTSVkUTY-zMnubhEZRp8LTAcqci8Vkbr7R-wHt23OF_L-ggymlEjKNNoPbfNGmSGCN4HaXG6AVSnkKDV7Qd5fB8qc1OtlulvLqxizSzufvuddzuMzws7L-n4QB7hh3WEGo1Z2XotLgW9oUeCvlflIsLscPO-iwNFcSEPEjBSufGbf19UeQe-d7DTGezc4FIg4dxAwvJM1pzb7mGm6guK26EFBSk6QdHz05B28oPVJVeVgkqzIvb49Rjd5Psc_9zifKZ82zbntYOHgTEPbOSmSa3bRbg2ypShdw7tz-a3ae6G3I4CnqygpiCksCtUT3cPk31vxmbfN93i5LqFeXjy5p1m63dqRFIBNlpd5-jODVrccTr3bQy66Znbql9oT5lA59ZOIrovcnH24ing7NPpIFPPFFK0dLx_3WQ3tyEqON3bv11K4eK_nvo9m_7vN90EJHd10fu84pvJbhRsjTwTEChnB1JjDPbrdqOK5RLcCLi70-sovxSnrA3g1aSIdXEIAx81Mcm-2TBuCA7ANNg9iHYFKZ7B62W2vrQyDADPT4rPXwNzqJVHwwg_SpkojFqua-2l0OXtbsqwthVTRwM8S2zuJXEqc72Gu4bH718-IIERAzsHt9rbe7pzJ4Cwqie8y_tVUYrRmg5tdkmiiDct0zjCNDfg99X4ZEirWwgH12XVz8tqj1XH58WqFV2TVbln7jsEXQwAGIDfAiY3tX6flrk3AbtYcEi95Eq6cPjKTT6hu2LnCexZcf7kdcb4cb1XhryQCfxJdAUgXutz68LjzpB3UuXt037FSSfm30QxyKq6CHbJrkOveq4aqVFZXnx_UlsXQQBcXz03EZsz6OKI66y7quDfjmpNiY0Q8kczVJrkjDE40jTp_6EZ8yHeUCHTyadulcRsTWJqne6I_s2ol9Qcpa4KB0tzuNq88xyQ3vEqLx_24rV1NQIkxdvVbbMRSaXK9Tq2XPvWhcWw9ZX1Zyq1m0ArpARMeqPkdOUjbAdBsSCpnFmXrsrBN9t88GC40lQh8qBa_HRDmixdUp3Q1WMWf6d295SoSwsgKF1PVz59-63UteagjRsmuFLERKjZ2mMmQjRiuw1wUY7ckHrgQ2PLxXIcewiPDAbMCc6y2_1-3mmTbZPR8Dbj2PrkxjVyyd6Pxcyx3J_VAodLOF3VGbMR5lNrYSdE-wDNnUxBQiyeSqd1zM56RlKuJuUdinUrTdjIUoNoohkdIHmQmkCGYhvwawwu4P5LePRxjnSL39d6Wc8t35IbL65czSnEvu85MrHuJwCxftyoqEf1ulkaK6Qori0Ku6Hi8wlfGgHs-b9rzWX4WNMtkcW4t4xyo4AhcPnpyOJPs3ikQjxNgkQpY_nxX4sNXEQ4FfOJXVGEuqgmqV0nEETc1DPO38VqJYBB2ukONGX25S7GSZVbG9buSUS7s-2JS4Z6ZfSlgLs7U_y0U_IgAjtlwojNANkMlLRbsr0P6JRydY7Q6SQQ04KR8h-SMORYtQF8fSBkjbwzSsrs0blyRzJ9kFhUQpoBgSV6M1KKJjC_qE3ny4Vowqt99Nb60pzWLC6ykTkV7AYbT7olMxVnBO0yNPKkIwN9XIes3Pqw-xzW9ua0gjmft_jNjAAjUq5tMrx-a9u9XdSNVmCAyUXx0G7GNCgbvQHT2KF0TonyDhOzSUsePYqGQTU4h0IKrKMzeG72ewisEUTErsaHbumvTtMamMVNuIh60hf4pTY9IwkUez2BhHn2xP5blhNJtTvoZ1esY3fciWhRB-lB7wf7wiT1HiOtW-qckUsgvlMWKnVoMR1WUT6TqSqEnrsC0H69OeOwZqXvGtpJ0sQDJuh3_nknWzWV95whlg6OSvG&cid=CAASEuRo3NhDHifqncH0I9I5WJsUng&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 15 Jul 2022 04:42:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FF23 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DXpZfkYllHBYNFhM7dowsvZMV0fLnlcau-LZdj885gx05sDy_HeIaEOPQ6fXnwBMZY_J6j485t9EHmD1c3UuickNbWQhsi4BN-s1U2nr539BLqhF3EydOhcRvGfvMBwxFcSBbdm76ZpNaLOlsB0HYCUWsI8Q&cry=1&dbm_d=AKAmf-ABb4CMDxfH0GvSoIXIM61fxCQd6a-vuTUuN9qKAvMGdSTOtAvJ0PW12P0s8VxDOStMF7S4lLxjvmQzQv7vkZ-fUR3-Tl48NeCsIYUXMhvsEn5JbAqenghCiQltO8-LA80XoN-r-BXBx4pVfOGltiX8RK-nfYkCVJThUJt9hotF9N1tEyRONNOXaMneTK2HjkJMVGOrwPjimnxEOqYx6MzzybHX8Nf6RRZzV8QhWABD2ZNr9J6yaRnm21aop769udPOUWTAcMAPEcDMUbktPnKkD5DJUj6nJJnsVvTVxVKZQ3wl5FtJePQklJ7dIXSEhq6zsRPxcJ6vS6JruP1sIvdK-OxKyJt9wmFk2XRvbFv3NXI3Nk3dEK41k69NzurBM18UGrdXpg4sqn80twiEDY9DEPWULkvycM1Nt3_NjNFZKcCkg0VC8W48gURR-34UqbXyxpnWLIqngW0wwozBnC8yrGfMWsCR-1fOTdqNskw87kQ0FyoT0Ez8agBQTdFbmFMYSTkBlUbkLNNgXgL4d-sKMCxQM2STQl1MrDRBVRpui4bNurjbGv_gQpkRWruMkPlkOe9RShu_wUGpT5VVknzYDrVM4MYUXiy4uGc7-YmJ6rsNkCAZGd1HKJbB55KB7UBKN29m69UqqBiA9kkOedh43BbvYmYoQBBaxpL5fg5rp6BzktX7Od1lJGUgYXuy4Ht_tvBQz8zq-TJCXDMWKoBrDlquuX7Fr1ik2ER0fkttdgsUQgsoU5J5r-HZ_Tq5mlGOZ6xFsEPtgIkMhax5elzy7Qua3NJYeB26llgiHl42Ja6PYy98p5wwgFFqdbThQBKhXc66te52vSNu7DhP35dqoVQSFfD0Eam7G0qRnvPSD3wAD4todX4QRNb-UO4hRP4e4mDVainf-Hsem2_WlqFknSQYAVxXS_hOiCwLHXneOzfnINaa6c2jaLLyIG7B2cZ3gjbDO6NYwcJOK9tnn6a1s20xCZvcZM9a2sI_QerHAjpq-SAZMJYXi4Tg5yHOILzgCSNOu1zE9TRQYtONsq10cj_WpKia2VnmMvnGP7se-i-VgcE8f3igaIDQGFf5cSFs3RPgqIL_rDpqExQGu5VeMPAIDMPnliYOFSK3QEQT0GZ4kTbyRjsHvNV6UK5X3CA512no5jGZ0-kAZ6JKE1ChCLanygGms9wNprpkGLY63hD7vP3Qlofprece8TLIRhHf3fAnebJw5vAKkGO8N9I1N7CaF7DRxgfWGiAYVDV7T17_vlqLe84eaeFtTfKXZPZCM-nDta_Ktr_FaDvhW6uA_ElG9vrjnAjwzZycX9HRnVNTaeiebLKzeuf52gibXRlwqEkupWoDtAFfoQHFtUsCyZkc9D_rui7mh6TaT9SQsIXi3TjTTWTqZONSuqnIN1dH9ceuifqmO0_Rl0a-TGp12AYvT6gf_uXGnX9dtVixSALKgwU7UpH_Nz7zsuoP0fnRJvUKwnWCAo9BAeO8Ul3h_btXdKYX-PFubhKPqZFVrvLk56SH_Zaawpir-Inj0_uT0UfRZhorYDtzqYaEZc55oVGycsca0zPZcifyRjuRGe6TeBorg2FBSer7s9ThlYD7pMtAKBmn3F4DoEfJJCkHdTcsSCpd-Bk5skohc-7OaiK5opyo06h85nUVwrAApoCWXcwL9KQwUxnj355stHQMwa00HJFSNXmoiLK7MCc0y8P61PN3HGQ_3U4u9bT08PSynCTSVkUTY-zMnubhEZRp8LTAcqci8Vkbr7R-wHt23OF_L-ggymlEjKNNoPbfNGmSGCN4HaXG6AVSnkKDV7Qd5fB8qc1OtlulvLqxizSzufvuddzuMzws7L-n4QB7hh3WEGo1Z2XotLgW9oUeCvlflIsLscPO-iwNFcSEPEjBSufGbf19UeQe-d7DTGezc4FIg4dxAwvJM1pzb7mGm6guK26EFBSk6QdHz05B28oPVJVeVgkqzIvb49Rjd5Psc_9zifKZ82zbntYOHgTEPbOSmSa3bRbg2ypShdw7tz-a3ae6G3I4CnqygpiCksCtUT3cPk31vxmbfN93i5LqFeXjy5p1m63dqRFIBNlpd5-jODVrccTr3bQy66Znbql9oT5lA59ZOIrovcnH24ing7NPpIFPPFFK0dLx_3WQ3tyEqON3bv11K4eK_nvo9m_7vN90EJHd10fu84pvJbhRsjTwTEChnB1JjDPbrdqOK5RLcCLi70-sovxSnrA3g1aSIdXEIAx81Mcm-2TBuCA7ANNg9iHYFKZ7B62W2vrQyDADPT4rPXwNzqJVHwwg_SpkojFqua-2l0OXtbsqwthVTRwM8S2zuJXEqc72Gu4bH718-IIERAzsHt9rbe7pzJ4Cwqie8y_tVUYrRmg5tdkmiiDct0zjCNDfg99X4ZEirWwgH12XVz8tqj1XH58WqFV2TVbln7jsEXQwAGIDfAiY3tX6flrk3AbtYcEi95Eq6cPjKTT6hu2LnCexZcf7kdcb4cb1XhryQCfxJdAUgXutz68LjzpB3UuXt037FSSfm30QxyKq6CHbJrkOveq4aqVFZXnx_UlsXQQBcXz03EZsz6OKI66y7quDfjmpNiY0Q8kczVJrkjDE40jTp_6EZ8yHeUCHTyadulcRsTWJqne6I_s2ol9Qcpa4KB0tzuNq88xyQ3vEqLx_24rV1NQIkxdvVbbMRSaXK9Tq2XPvWhcWw9ZX1Zyq1m0ArpARMeqPkdOUjbAdBsSCpnFmXrsrBN9t88GC40lQh8qBa_HRDmixdUp3Q1WMWf6d295SoSwsgKF1PVz59-63UteagjRsmuFLERKjZ2mMmQjRiuw1wUY7ckHrgQ2PLxXIcewiPDAbMCc6y2_1-3mmTbZPR8Dbj2PrkxjVyyd6Pxcyx3J_VAodLOF3VGbMR5lNrYSdE-wDNnUxBQiyeSqd1zM56RlKuJuUdinUrTdjIUoNoohkdIHmQmkCGYhvwawwu4P5LePRxjnSL39d6Wc8t35IbL65czSnEvu85MrHuJwCxftyoqEf1ulkaK6Qori0Ku6Hi8wlfGgHs-b9rzWX4WNMtkcW4t4xyo4AhcPnpyOJPs3ikQjxNgkQpY_nxX4sNXEQ4FfOJXVGEuqgmqV0nEETc1DPO38VqJYBB2ukONGX25S7GSZVbG9buSUS7s-2JS4Z6ZfSlgLs7U_y0U_IgAjtlwojNANkMlLRbsr0P6JRydY7Q6SQQ04KR8h-SMORYtQF8fSBkjbwzSsrs0blyRzJ9kFhUQpoBgSV6M1KKJjC_qE3ny4Vowqt99Nb60pzWLC6ykTkV7AYbT7olMxVnBO0yNPKkIwN9XIes3Pqw-xzW9ua0gjmft_jNjAAjUq5tMrx-a9u9XdSNVmCAyUXx0G7GNCgbvQHT2KF0TonyDhOzSUsePYqGQTU4h0IKrKMzeG72ewisEUTErsaHbumvTtMamMVNuIh60hf4pTY9IwkUez2BhHn2xP5blhNJtTvoZ1esY3fciWhRB-lB7wf7wiT1HiOtW-qckUsgvlMWKnVoMR1WUT6TqSqEnrsC0H69OeOwZqXvGtpJ0sQDJuh3_nknWzWV95whlg6OSvG&cid=CAASEuRo3NhDHifqncH0I9I5WJsUng&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152194
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Jul 2023 10:25:41 GMT
ptrack
a.audrte.com/ Frame 8C2E 		368 B
881 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=5.187.21.105&p=M1353665098&artime=2022-07-15T04:42:15.463Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9kdT1odHRwcyUzQSUyRiUyRnN5bmMuYWR0ZWxsaWdlbnQuY29tJTJGY3N5bmMlM0Z0JTNEYSUyNmVwJTNEMzA3OTcxJTI2ZXh0dWlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.179.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-179-244.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
b7e5ab084476a2d5ae085f716853c4bcf1957af34744401685a328c83dc86a4c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:15 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 8C2E 		155 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 14 Jul 2022 23:17:04 GMT
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
age
19512
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 15 Jun 2022 17:05:13 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
67FW234wuZoKwicba03UPFaja4kgem3ehY6rmEmO0sHMluCJnk-iSQ==
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9E78 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
205352
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 19:39:43 GMT
expires
Wed, 12 Jul 2023 19:39:43 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
data
bcp.crwdcntrl.net/6/ Frame 8C2E 		20 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.127.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:15 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.12.115
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
s
googleads.g.doubleclick.net/pagead/drt/ Frame EE1B 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820319&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860134802&bpp=12&bdt=290&idt=164&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8765206329774&frm=8&ife=1&pv=2&ga_vid=1818282951.1657860135&ga_sid=1657860135&ga_hid=460659725&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3469347216&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067527%2C31068380%2C42531607%2C31064019&oid=2&pvsid=3234578668043569&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.5rtng8mh6f8r&fsb=1&dtd=180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820319&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860134802&bpp=12&bdt=290&idt=164&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8765206329774&frm=8&ife=1&pv=2&ga_vid=1818282951.1657860135&ga_sid=1657860135&ga_hid=460659725&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3469347216&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067527%2C31068380%2C42531607%2C31064019&oid=2&pvsid=3234578668043569&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.5rtng8mh6f8r&fsb=1&dtd=180
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
3078
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 03:50:57 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CB48 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
205352
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 19:39:43 GMT
expires
Wed, 12 Jul 2023 19:39:43 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 2683 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820292&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860135184&bpp=14&bdt=96&idt=144&shv=r20220707&mjsv=m202207130101&ptt=5&saldr=sa&correlator=3746731210798&frm=8&ife=1&pv=2&ga_vid=1359018420.1657860135&ga_sid=1657860135&ga_hid=439614182&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=720568846&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31068443%2C42531608%2C21065725%2C31064019&oid=2&pvsid=757850537271338&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.7r0ob7jyppug&fsb=1&dtd=160
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 03:50:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 15 Jul 2022 04:42:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Jul 2022 04:42:15 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 2683 		2 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820292&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860135184&bpp=14&bdt=96&idt=144&shv=r20220707&mjsv=m202207130101&ptt=5&saldr=sa&correlator=3746731210798&frm=8&ife=1&pv=2&ga_vid=1359018420.1657860135&ga_sid=1657860135&ga_hid=439614182&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=720568846&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31068443%2C42531608%2C21065725%2C31064019&oid=2&pvsid=757850537271338&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.7r0ob7jyppug&fsb=1&dtd=160
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:13:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1699
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Jul 2022 04:13:56 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame 2683 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820292&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860135184&bpp=14&bdt=96&idt=144&shv=r20220707&mjsv=m202207130101&ptt=5&saldr=sa&correlator=3746731210798&frm=8&ife=1&pv=2&ga_vid=1359018420.1657860135&ga_sid=1657860135&ga_hid=439614182&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=720568846&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31068443%2C42531608%2C21065725%2C31064019&oid=2&pvsid=757850537271338&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.7r0ob7jyppug&fsb=1&dtd=160
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1017
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Jul 2022 04:25:18 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 2683 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820292&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860135184&bpp=14&bdt=96&idt=144&shv=r20220707&mjsv=m202207130101&ptt=5&saldr=sa&correlator=3746731210798&frm=8&ife=1&pv=2&ga_vid=1359018420.1657860135&ga_sid=1657860135&ga_hid=439614182&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=720568846&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31068443%2C42531608%2C21065725%2C31064019&oid=2&pvsid=757850537271338&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.7r0ob7jyppug&fsb=1&dtd=160
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:06:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Jul 2022 04:06:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2683 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820292&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860135184&bpp=14&bdt=96&idt=144&shv=r20220707&mjsv=m202207130101&ptt=5&saldr=sa&correlator=3746731210798&frm=8&ife=1&pv=2&ga_vid=1359018420.1657860135&ga_sid=1657860135&ga_hid=439614182&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=720568846&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31068443%2C42531608%2C21065725%2C31064019&oid=2&pvsid=757850537271338&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.7r0ob7jyppug&fsb=1&dtd=160
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43266
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1657539323716025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Jul 2022 04:42:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 2683 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820292&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860135184&bpp=14&bdt=96&idt=144&shv=r20220707&mjsv=m202207130101&ptt=5&saldr=sa&correlator=3746731210798&frm=8&ife=1&pv=2&ga_vid=1359018420.1657860135&ga_sid=1657860135&ga_hid=439614182&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=720568846&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31068443%2C42531608%2C21065725%2C31064019&oid=2&pvsid=757850537271338&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.7r0ob7jyppug&fsb=1&dtd=160
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:38:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Jul 2022 04:38:03 GMT
l
www.google.com/ads/measurement/ Frame 2683 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTa6yUUaa6O3ARl6aWvthc7JlOaw26x0QDpSaZ18PU4BZzu1u0iIvizmbbQLblA08QJ4acuex90FNMAlCiw4ug30fNAGQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820292&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860135184&bpp=14&bdt=96&idt=144&shv=r20220707&mjsv=m202207130101&ptt=5&saldr=sa&correlator=3746731210798&frm=8&ife=1&pv=2&ga_vid=1359018420.1657860135&ga_sid=1657860135&ga_hid=439614182&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=720568846&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31068443%2C42531608%2C21065725%2C31064019&oid=2&pvsid=757850537271338&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.7r0ob7jyppug&fsb=1&dtd=160
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
9fbfea14cd545ec81bc54d3c558bfb70.js
www.gstatic.com/mysidia/ Frame 2683 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9fbfea14cd545ec81bc54d3c558bfb70.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820292&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860135184&bpp=14&bdt=96&idt=144&shv=r20220707&mjsv=m202207130101&ptt=5&saldr=sa&correlator=3746731210798&frm=8&ife=1&pv=2&ga_vid=1359018420.1657860135&ga_sid=1657860135&ga_hid=439614182&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=720568846&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31068443%2C42531608%2C21065725%2C31064019&oid=2&pvsid=757850537271338&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.7r0ob7jyppug&fsb=1&dtd=160
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8245a4af634c8918a1d78337182ed979dcc678ecb616f45172dea7803692f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152027
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13103
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:20:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 11 Oct 2022 10:28:28 GMT
p
a.audrte.com/ Frame 8C2E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3hdiz5CBTYuTpiawiWwRPGN1A&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3hdiz5CBTYuTpiawiWwRPGN1A&gdpr=0&gdpr_consent=&google_gid=CAESEJ-2ESymPjDdIr3RWEEEKrA&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
35.169.179.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-179-244.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:15 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 15 Jul 2022 04:42:15 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 8C2E
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8263187426641512786
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
35.169.179.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-179-244.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:15 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 15 Jul 2022 04:42:15 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 8C2E 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=3hdiz5CBTYuTpiawiWwRPGN1A&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 04:42:15 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
downsize_200k_v1
tpc.googlesyndication.com/simgad/1002651981248993709/ Frame 2683 		120 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1002651981248993709/downsize_200k_v1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820292&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860135184&bpp=14&bdt=96&idt=144&shv=r20220707&mjsv=m202207130101&ptt=5&saldr=sa&correlator=3746731210798&frm=8&ife=1&pv=2&ga_vid=1359018420.1657860135&ga_sid=1657860135&ga_hid=439614182&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=720568846&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31068443%2C42531608%2C21065725%2C31064019&oid=2&pvsid=757850537271338&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.7r0ob7jyppug&fsb=1&dtd=160
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2093b6d0102bc97c13782276f88258dc5e5996f6c5bb7da4e7b828437194cf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 08 Jul 2022 10:58:34 GMT
x-content-type-options
nosniff
age
582221
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122608
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 14:55:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 08 Jul 2023 10:58:34 GMT
truncated
/ Frame 2683 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2683 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0cc7088b335b30f7b1fa0903bc8aa143b11cb8408032d62d28d5ab768cc68c88

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
pagead2.googlesyndication.com/bg/ Frame 9E78 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 16:16:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
131160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Jul 2023 16:16:15 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame EE1B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820319&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860134802&bpp=12&bdt=290&idt=164&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8765206329774&frm=8&ife=1&pv=2&ga_vid=1818282951.1657860135&ga_sid=1657860135&ga_hid=460659725&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3469347216&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067527%2C31068380%2C42531607%2C31064019&oid=2&pvsid=3234578668043569&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.5rtng8mh6f8r&fsb=1&dtd=180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 04:42:15 GMT
expires
Fri, 15 Jul 2022 04:42:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 04:42:15 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
pagead2.googlesyndication.com/bg/ Frame CB48 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 16:16:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
131160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Jul 2023 16:16:15 GMT
truncated
/ Frame 3943 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0bb98c255be9c76f9799402dc0e69334836b9c8379813cad207ac40bb4736d7

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2683 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4e3a79bbf99c23453d9338743a57fafbba83324090047a917c829dcaf197896

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 34CB 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssYi9qulQxbnF_RcB9UoXOkArkIXk1h2rhW8biBdFZsFXalQShP919RrOk3t7IAMESyfUkUIj_Xpn9TAgRzPh6pO8k2hsI1oylfGAw30UzzaqSFrGdrIFKlPMtSpCPuAc_3Szi1-bJTr8za8aGUURDCDzbevdccz-gq_z2PpSa9jTyVoLA0pOJfDPcJmC9paKJHwTMCa3i_bnTDP2zRvHFfepH17Rsw-WUkX6ge3uE99Bx8lSSwRVQGQfKRrt_tNZhVY_BVIghMTOiii0ib1h1Gx0QF1j3afwfGm2QwkDzE3pvEQOm2MIAy9PaxFWYJy7GTeen4YAWJc8xHni9Qhp6nFp2lMobLWO5cFYvQ9Uwb31G-AzzB09I32KPmhLN50NQqnX4nMXm2D13nY24yjtwYWOZDyAGf7J9ErKjQ2NDp6ieu3S1nOPCLEuzeW8jkkX8Dw2h7b2aeL7B1gGUnxoIrcc4lWLYvW67AozH-eH3hRLYnD2AWDNajNfuzL8rMcw5SoEi4rDdEewoj0xx3WFxDs3f2-v1GOWIAFaf61I9F6Afo7ILeZb7HHZ7GpcjNGrsL4kIXiWovuoL5Hyi6yzlusAkA_BbrGLF0gdI_bhzta6VDVZsBzULzQ5w1Ite9fTFrNsw04he3t03XvY4vEmwb0rGuf735b6mDQ7c1IlvThs2mhHj0oGVY9bhHNhF12b__G8c7XFrgMEQd_SbqSLXlHleIWNQTvvO1b82QhUYaR3LHp3GrvUOiFl886coVP2-XHTSKXS2_Zb6dPzjVfxw7XXC8VHJYRIpe6Lit4qheGTTCRiKDOlhpNsM9KUpX3Jp1Je9Rq7LlnJldLiMtnzcEbVC-oMdwGvAbogyoi-Ue-Dvx8bn-seiUAKQcmgkTJG_w4tmXYlA8gCui7eNxayz0_fGKYHVXQdIzosNGdMPlVno6UxqucwS4ZVbG9xNqW4d89BqCvtsbKBCE2ZMAs0m6c9rKCcfZA71YEiy5wepOE6x05MAMqGTzh1z1DIXH-j2h3tAkZtVDrDnnT2Ix0yUhF0DIlywS8ThlmdPlsTXBbzlpcHkSPNpWbKgVLNNs5Y8HyGikfuT8OVF3aGU3mWUZ_CNO4cZfcHl4ugVeznEUtiBT_vHDC_GJVp2_0x_XDpLfQNO9N1pi-yelkUUUjhgjgdQXFFo6z-Zvyw0FDYRhFKHXDESTjrgybiTVflqCLA&sai=AMfl-YSPqxM40qqO_0f8QrXr-5tBkn9R8W3Hmu0v7bVHdLLuT9wffTJKhsMC8kE-FwQylr4IRwGwPWm4_MhZILf_9ljl4NZpTd-OgLSGpP0K1RBqAwSE6_UkMylk-zeoD2ToEs0CbsmMsS-XTBd35NxZGKNWiKeVyw&sig=Cg0ArKJSzGYNugKmrK7lEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=298&vt=11&dtpt=297&dett=2&cstd=0&cisv=r20220707.19765&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8ymRFZ388SIIJLUqtd9GddXaa2QTNny0U1f-Yfm-7kePR2dYN2LZ3mvZudwghsub5sW83XyiP1bX6kpkaaG6xaeMZ3_ueDr0BG-On7vkWKN4Wc_NFS3JkdUPsY05k5HKWyKOYextZMRmsU1YDftzFD-t3BA&cry=1&dbm_d=AKAmf-ArzBjdPoVyXog7CqFaDrp5AMtvUHus8x3zKDJqIFjHkYhdK2Q-IEoiEAktEIBphPLVYJ4WXNnuf5fR2YxNpQI-vuV62LrkYBEovc6ndC9cZDilHufgOXM9w9_zhcBzCNtem-EASBFG_WuI_bq34IEGyJ_JV6X2fZMuUkY87i5f3rAx7wLB96Tvex3Bw6-ufulUdtFzpyLfieaYCrOwcSu8Per8_B2gdqXFZLI_9n8gTV_Nmv8VD1lAKJNSCHXRrcKmthkcTkmLnxTf_A8tm9bzh3duf7lXWf5gu25G_jcrTdvunFhMhKX6b261hngPz5mDjxp1-nZ2lx8cshdlQHC9uD-QEnQ6htxkEMftmYJiHD4V00Gu-h6mNToZvuT9FrVTZlXiUrFctNeL4NBKNywL5Uz9S5DJLwk1wUoKS7SQikQiJahtEIt76QkNI3BeLFz3qzKgPkgmJea9Lj30vA4lQhVNU2yltBVRi4-0mC0u5mzh6L63oJpRFQebl4JG_A3qsjz5IsN2um8fl-7Y-Eti9tGEMi_26q8oRORAkoDCC_3xDrhDTDMoh3H0b7nDlAo_0KiQu4gCngI3_-r95J9C0Nl9EXqW7FuugmVdJWE-DqXWYNapRG1H4gEF3iiTb6kLnoDiBW01gElDMbTvz8u8dQfHbfKHQA_AZClHSeiWiH6UIB7g33qGcWnsFZfMePsvz3SVR30-jKmwQNm3qUSddEAT0wvjJbY2hdGt2XgmQKYfdg6knk7CFxO8QFr7tlSTzqdCx_Gp41Zlvaj_Rxu7DjZbvi_QdbaniuYzDw8iojNWvSxoM6Cpe8pNVA8RpyvWSvxtMvmfQ9DSDs3_20BfkdUBbiuqcc3eJZQnxVCxPKoD2Q_k77lTJ6NVG7xmI0kAcmwGHPIzv8z_6V1uhW0w17-Xwp_3UvThUL97jvwf3-_LSRt5VQ1TZ99gSEeLQyrV6N2LjDqRZAXaP8QtjNbazg0jNB25MzTVFTKG7yijVQolPdsXloRb2EdUmffusbqaDrwEU_v_5J3u3FzxdL3H4NhsuTHnYCodtmQ847AU-_Z_takLvmN2blDHNfaNWSW2Xxap4BU3l0Q4GUoP0cn-NDRzpHxGipjdNjg7Ed7Jf_cAUbw0y6FmeTwhkycVIzNCYFMXxcbwBZG92agw7ikzPHkftd61j7TTJiWWo3TQt6ryx4YDW3-Z5Fn-6XHvf2gu8JGYbbFA8xlK3BBP6_p7D5x882ekCIDGz_px_rB7rvSbhkQ8TTE5jFj5BYS9T8M1BHXGOQ0e3FKMizw3aL5ItGSNj7GuSbzhD97Ng3APOW3P5TmlUVbCilhRbxhzEiq67JK4Un2MA5HSlY2vefSFhfBV96U9T162b-v8tyYrC4_gPW8tFpMjKzKecLNlyu7dWqT9we01uwe94tritZxAhkEilP_vCqS0XuJF4nZv77bjMLpwz7o7gszkqrrVW4_Xko2k0brUffV8m3ISRB7phUFv9D-6HvCMdXwvv2nEkPR2cuJM904pijWWmyaIFsFbHfpQYIobR2R3zAaQfuqprSTQZd58CwZX6PmCFHbRppFC2nSQ9KWhGcQAgwaJ8QhQ5kZZNxmkF8qlMsiiVcFNoA04BYB1NLEMuEWQGo2Nqhl-O8qfEroA7gq3H0JyzaUltxNBg-UeZyAmO7G72dm95vYYdQPVJ-bk_RTEx7X21ZBwB8piwSqHrbUrHXXdanI6vJVd6gUBWWcnbM6NyjC7CFOyG6G-T03McYBS88LPDW-SLZ1xrZ608s1qkm-FYoBhbMDi14Jr7MBeWuQFpLED4ElnmXxcQv336p1XqE499cSL95DXOnGnE5exYuZDDOnSUfGeRID2kMTZBucUrMq_49xrRib96DFTd6SOgXim3C3yDzYu0huUgYyj3IxEcb2Vk4VW5rIiGNgTTQ-K4Fr9eI0SptkVnK4Km4S6wi_8R6HJ2qc5Fqi2NCNjkAO10mTl6JjShq0BKX4F5hwaTnI_ZpiuH0v_vTeuxqsmm_txzIOc3ctAy8CdDhIuBmqtGdhYZ5F0V7O73ICf3_HdlUkSMr2ie7OnjWGfg7ilNjzMPT5EVaO3fmxcZbOA6PQzrhabA5E8VF3jfclU_z-j3qCdZgr0P44mQd1SMDsw0MsVM1oGvbvJVa8Y7PVx29YDMXs6LAUgb_f748zP-wlDpLw9vZPYL2VKxRrYkFqqZODBch8iXmUgTc4kG7RdMD01TAJyBtfSVzq9OyToYldR1CR0epnwsL0ID6xWN7AKGLYk0uCeWr96X32A_ANdHwJZB4jclPkQH0QpDIezhaV4TcbTHtnwObQCKslDx0RhOka70Mj56tWFeUq0PC7DP8rGGTvg_-E4SyUenFJxwPSuwVgoTDSnniRzq6H1KjmTIzI-SAZSxXqAcOwIU4-G3Ld9EP1HkOoxtk8dRdDGEZHpCBke-Dm5PTXB8tPeWQfGmlhA8-lgXj4gFoDefMIrsFQ-yrvIkt-rWOKE4f4XfLuwrJkYPXGQQnhXOW03iejanlneV4lQ3pxq24JqxilDsVHoivSBxB5PIo3nbEqhEvhpQJaMncyfvGAisryOiPHRGWaS656-D5SsKAs1TYR09U2uHTvFzAfiQv8x-ewwm2sDKQT3JWMerv3YF5sfZ87IJVGrhElHcp0hOXgPCPDkW-ve2aNZLE9s0dcDQiAPETtexQcxLblMXwzTTRy8rFNhp6h3bc6hoKyyYSwrkSDLzfNZkRyiQ2zezijb2dL4jEOETiTnBsadtOOQUDh5l_HWLUPpB2bc5SpnKcUXGdiNeaQkAayXkoVh2OlvD8LE2IY4RxXz4th8m9ZdZ-qwbh5YA7DZV42pGwQTAFOJh2bQb7_8N9f17rphewje-FdzyckPtGa66-0LbYNg7MoMdyIWNH55v3_dvQjFm3Fg6fo_B4-vRQg-W5Re4qU0KcNqmIYy6Q9K6jcvWzUJPUo1rQcIk6DgS7z7jNQmejH7JfARBggXIxKiweppIzcm-l06VuVK8lSKP0WE5d6iYnipDoqmsFeTNpjukSKDdOIF1qTIjmvwgQ5Y037zx919YFrYoWV0m1FU27-p24P3OguxqukR6XuuN6q3W_M_qYOSdfSBS5PM7I126tpT1hijvdFwHmEBkIJvu41pDOvPZtEsaCziKadPapKmSFyDjvAw6T2cBY6scxHjtV7v_y9OoLksb2TFu1J1M-2tK-AvHxFzJJ0o2EsaJiDuiQtNmaGRAn8b76uMnk5b2V0GngjbnykxsU6hTMoXrBftXGtMJPgiH4MK945r-1r4X4EaT43AIDSHQqM79EBR8KGRGZsjqIbaocD_s_5ojWXDBPlRXfI5_mDPNHdC047NIoMxlIY_ss7GmeVb-3SLsvEb3V9h6kmiA_oa0C4n8lUUg2zJtJxESE0b3t6litRx_rQNnr_qYputvrPB0l4Sh435rGZO3diEGDlCrng4LgEwh19-d2XjTRNbIhmYgyWPBfW214fVOwM17voFmKVUPgtu7F0r2nyrshyTWbW549AfexedDzXQCnpGZ6j_vgki0-DPH7y_O2S-D_QbqqB8rMpp&cid=CAASEuRolboETAhBYMjjumn4YPCeKQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Jul 2022 04:42:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame FF23 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssKy7hpV-62ZiodGS-BiECIUwOPep1nSKfClIwmzkvej1M5k3vLhHogBI9ECYXRCOF8NNyTfboStZG6RqorIV6LxiD5amHWqgMraAio8pecRoCS4MDYxykvg_x4LGX7J71QiB3IZSoya0NC-8PWvpskPxJXqNh9asJegZpgC0sIhI665Pmr_Hsm752iaDol2buUzshF1oqIOaJh7ud4Ho4vnZNwAM4xVX0aWQ4KAHOjbx5I7wosiPXiLQcbVBTBpBhPu5rK1vyzAQJAppy6AF1DUnS1LKG3Lltwi8_NbISfmH1nGTHMJeb4vkO9uYHgJtbuESJ9W8SyQUF9rLgm7KgcAig95tP0RCU2L5ShGIwZz3B6qoAr7Noq18XMz7PGjgI7w9rbyNISDX973tpKEsOpW2jwpPohVv9HTVRiIIMdnNyo3q1UwaZTN-bsxtLeVRe-SBweyFUKZpbfYIxnOVIBzJpO8O-TDAezuo6IMWUD4BNGHdpcvYl2CveZcwtP_ff18jEc5oBF5Vri1-En4ImVx0msCJlxarHemSC9P61yVsmfsIodvsEgDj_GBfPWFRQqVGEF1MW1ON4bTj8-sXw2mki2nI9zC-TMXfjLsuciaFUupOx7lIWV2Cz8CID10bBD5KrHCqAijCYWYet5fJyX_tYPKjVKNuXAu1uhM8eR4DHxBmEpkvOdItoeDb1gkFwIQ2Y50LjykfK2p9ehwbVTnCtK-xTrMxLwcCSsS1Jc8rzH2hXZcRchuaNXboYTOW9ox9roM8dHOBymxpWMTIj_r-FJWPYhh3txRKO1rwMOnCFuQgnGH9_qwBlDgc5QYIxG-hJ_2OOP87Q1SsNGbIUeCF1RKkYy2s41FNgrEw6NgMo0109O5eVW5Zl7oJKiCzf0YW45R7ldhaQnUoa5zuk9TKtIgjnKOerpUN1m3zHtjYRKzobP3Ee_CNU5H7VK1h4-w0NYjUJfoYQBx5hL2ELEabGYVjuM4XQy1OspCTuUeTlEh1_zP36FlijmlRLpQlGkWAM8p7Ke6tn9sEG8wJVuo3t8PBG42Vi0h8ku162U7zjO6jpYvKhaHzAVmhw_YzCOdATXFbdFZBUYS0txoEWCct1GAoTRCAaHSZwva9tOItNjTcgUcKyv1d6WYNcIdWYjtXgvlLFBQGRVdDWQLCqExPGSI8zAkBzV_yPgWjBVFSvd8P6Ipgnorv6awKRE3g&sai=AMfl-YRKmEworgxiqrly5YEJu9Lst8mZnd8VyUiv0OjXZrGi8hMy9mmTyzqDoMBlbNBLiEQDxOAMdCL6zvT6z6vdjtbobzl0saz5dgc15yYob8aARREnLBlbXLzKCetPS2DIcrV2LUAaXDKCqxeTjl7IdwG0XUBfaw&sig=Cg0ArKJSzFvOHoryaSGNEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=288&vt=11&dtpt=287&dett=2&cstd=0&cisv=r20220707.66462&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DXpZfkYllHBYNFhM7dowsvZMV0fLnlcau-LZdj885gx05sDy_HeIaEOPQ6fXnwBMZY_J6j485t9EHmD1c3UuickNbWQhsi4BN-s1U2nr539BLqhF3EydOhcRvGfvMBwxFcSBbdm76ZpNaLOlsB0HYCUWsI8Q&cry=1&dbm_d=AKAmf-ABb4CMDxfH0GvSoIXIM61fxCQd6a-vuTUuN9qKAvMGdSTOtAvJ0PW12P0s8VxDOStMF7S4lLxjvmQzQv7vkZ-fUR3-Tl48NeCsIYUXMhvsEn5JbAqenghCiQltO8-LA80XoN-r-BXBx4pVfOGltiX8RK-nfYkCVJThUJt9hotF9N1tEyRONNOXaMneTK2HjkJMVGOrwPjimnxEOqYx6MzzybHX8Nf6RRZzV8QhWABD2ZNr9J6yaRnm21aop769udPOUWTAcMAPEcDMUbktPnKkD5DJUj6nJJnsVvTVxVKZQ3wl5FtJePQklJ7dIXSEhq6zsRPxcJ6vS6JruP1sIvdK-OxKyJt9wmFk2XRvbFv3NXI3Nk3dEK41k69NzurBM18UGrdXpg4sqn80twiEDY9DEPWULkvycM1Nt3_NjNFZKcCkg0VC8W48gURR-34UqbXyxpnWLIqngW0wwozBnC8yrGfMWsCR-1fOTdqNskw87kQ0FyoT0Ez8agBQTdFbmFMYSTkBlUbkLNNgXgL4d-sKMCxQM2STQl1MrDRBVRpui4bNurjbGv_gQpkRWruMkPlkOe9RShu_wUGpT5VVknzYDrVM4MYUXiy4uGc7-YmJ6rsNkCAZGd1HKJbB55KB7UBKN29m69UqqBiA9kkOedh43BbvYmYoQBBaxpL5fg5rp6BzktX7Od1lJGUgYXuy4Ht_tvBQz8zq-TJCXDMWKoBrDlquuX7Fr1ik2ER0fkttdgsUQgsoU5J5r-HZ_Tq5mlGOZ6xFsEPtgIkMhax5elzy7Qua3NJYeB26llgiHl42Ja6PYy98p5wwgFFqdbThQBKhXc66te52vSNu7DhP35dqoVQSFfD0Eam7G0qRnvPSD3wAD4todX4QRNb-UO4hRP4e4mDVainf-Hsem2_WlqFknSQYAVxXS_hOiCwLHXneOzfnINaa6c2jaLLyIG7B2cZ3gjbDO6NYwcJOK9tnn6a1s20xCZvcZM9a2sI_QerHAjpq-SAZMJYXi4Tg5yHOILzgCSNOu1zE9TRQYtONsq10cj_WpKia2VnmMvnGP7se-i-VgcE8f3igaIDQGFf5cSFs3RPgqIL_rDpqExQGu5VeMPAIDMPnliYOFSK3QEQT0GZ4kTbyRjsHvNV6UK5X3CA512no5jGZ0-kAZ6JKE1ChCLanygGms9wNprpkGLY63hD7vP3Qlofprece8TLIRhHf3fAnebJw5vAKkGO8N9I1N7CaF7DRxgfWGiAYVDV7T17_vlqLe84eaeFtTfKXZPZCM-nDta_Ktr_FaDvhW6uA_ElG9vrjnAjwzZycX9HRnVNTaeiebLKzeuf52gibXRlwqEkupWoDtAFfoQHFtUsCyZkc9D_rui7mh6TaT9SQsIXi3TjTTWTqZONSuqnIN1dH9ceuifqmO0_Rl0a-TGp12AYvT6gf_uXGnX9dtVixSALKgwU7UpH_Nz7zsuoP0fnRJvUKwnWCAo9BAeO8Ul3h_btXdKYX-PFubhKPqZFVrvLk56SH_Zaawpir-Inj0_uT0UfRZhorYDtzqYaEZc55oVGycsca0zPZcifyRjuRGe6TeBorg2FBSer7s9ThlYD7pMtAKBmn3F4DoEfJJCkHdTcsSCpd-Bk5skohc-7OaiK5opyo06h85nUVwrAApoCWXcwL9KQwUxnj355stHQMwa00HJFSNXmoiLK7MCc0y8P61PN3HGQ_3U4u9bT08PSynCTSVkUTY-zMnubhEZRp8LTAcqci8Vkbr7R-wHt23OF_L-ggymlEjKNNoPbfNGmSGCN4HaXG6AVSnkKDV7Qd5fB8qc1OtlulvLqxizSzufvuddzuMzws7L-n4QB7hh3WEGo1Z2XotLgW9oUeCvlflIsLscPO-iwNFcSEPEjBSufGbf19UeQe-d7DTGezc4FIg4dxAwvJM1pzb7mGm6guK26EFBSk6QdHz05B28oPVJVeVgkqzIvb49Rjd5Psc_9zifKZ82zbntYOHgTEPbOSmSa3bRbg2ypShdw7tz-a3ae6G3I4CnqygpiCksCtUT3cPk31vxmbfN93i5LqFeXjy5p1m63dqRFIBNlpd5-jODVrccTr3bQy66Znbql9oT5lA59ZOIrovcnH24ing7NPpIFPPFFK0dLx_3WQ3tyEqON3bv11K4eK_nvo9m_7vN90EJHd10fu84pvJbhRsjTwTEChnB1JjDPbrdqOK5RLcCLi70-sovxSnrA3g1aSIdXEIAx81Mcm-2TBuCA7ANNg9iHYFKZ7B62W2vrQyDADPT4rPXwNzqJVHwwg_SpkojFqua-2l0OXtbsqwthVTRwM8S2zuJXEqc72Gu4bH718-IIERAzsHt9rbe7pzJ4Cwqie8y_tVUYrRmg5tdkmiiDct0zjCNDfg99X4ZEirWwgH12XVz8tqj1XH58WqFV2TVbln7jsEXQwAGIDfAiY3tX6flrk3AbtYcEi95Eq6cPjKTT6hu2LnCexZcf7kdcb4cb1XhryQCfxJdAUgXutz68LjzpB3UuXt037FSSfm30QxyKq6CHbJrkOveq4aqVFZXnx_UlsXQQBcXz03EZsz6OKI66y7quDfjmpNiY0Q8kczVJrkjDE40jTp_6EZ8yHeUCHTyadulcRsTWJqne6I_s2ol9Qcpa4KB0tzuNq88xyQ3vEqLx_24rV1NQIkxdvVbbMRSaXK9Tq2XPvWhcWw9ZX1Zyq1m0ArpARMeqPkdOUjbAdBsSCpnFmXrsrBN9t88GC40lQh8qBa_HRDmixdUp3Q1WMWf6d295SoSwsgKF1PVz59-63UteagjRsmuFLERKjZ2mMmQjRiuw1wUY7ckHrgQ2PLxXIcewiPDAbMCc6y2_1-3mmTbZPR8Dbj2PrkxjVyyd6Pxcyx3J_VAodLOF3VGbMR5lNrYSdE-wDNnUxBQiyeSqd1zM56RlKuJuUdinUrTdjIUoNoohkdIHmQmkCGYhvwawwu4P5LePRxjnSL39d6Wc8t35IbL65czSnEvu85MrHuJwCxftyoqEf1ulkaK6Qori0Ku6Hi8wlfGgHs-b9rzWX4WNMtkcW4t4xyo4AhcPnpyOJPs3ikQjxNgkQpY_nxX4sNXEQ4FfOJXVGEuqgmqV0nEETc1DPO38VqJYBB2ukONGX25S7GSZVbG9buSUS7s-2JS4Z6ZfSlgLs7U_y0U_IgAjtlwojNANkMlLRbsr0P6JRydY7Q6SQQ04KR8h-SMORYtQF8fSBkjbwzSsrs0blyRzJ9kFhUQpoBgSV6M1KKJjC_qE3ny4Vowqt99Nb60pzWLC6ykTkV7AYbT7olMxVnBO0yNPKkIwN9XIes3Pqw-xzW9ua0gjmft_jNjAAjUq5tMrx-a9u9XdSNVmCAyUXx0G7GNCgbvQHT2KF0TonyDhOzSUsePYqGQTU4h0IKrKMzeG72ewisEUTErsaHbumvTtMamMVNuIh60hf4pTY9IwkUez2BhHn2xP5blhNJtTvoZ1esY3fciWhRB-lB7wf7wiT1HiOtW-qckUsgvlMWKnVoMR1WUT6TqSqEnrsC0H69OeOwZqXvGtpJ0sQDJuh3_nknWzWV95whlg6OSvG&cid=CAASEuRo3NhDHifqncH0I9I5WJsUng&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Jul 2022 04:42:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame BA8D 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220707&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31068419
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b4d1103881ab556c8c71d75cf702936bd980f2f83434abbb42d359b93d22ef4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Jul 2022 04:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10892
x-xss-protection
0
background_empty.jpg
file.adpartner.pro/2297/2297845/ Frame BA8D 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.adpartner.pro/2297/2297845/background_empty.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_15007199967767714&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2F9a2e5c37-cd56-42e4-a9bc-b317af12bf6f%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU3ODYwMTMzLCJzaG93X2lkIjoiOWEyZTVjMzctY2Q1Ni00MmU0LWE5YmMtYjMxN2FmMTJiZjZmIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZTM0NTk0NzctYzgyOS00NTdlLTgzNmYtZjVhMDM2NTYwMTk3IiwicmVnaW9uX2lkIjoxMTMsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3De042d1bb27a551c6dce6ae9c57cb1edd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:15 GMT
last-modified
Fri, 03 Dec 2021 11:35:48 GMT
server
nginx
etag
"61aa0114-3439"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
13369
truncated
/ Frame 34CB 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
920d588fa5746f93237314e13809e064c996e409f3b5c3377766a71c0d9be283

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame FF23 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
afda10fafc647ea69a91f7b600bc4ad3aba137a85e56ef06ebc6e3719c4a566c

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 2683 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:36:54 GMT
x-content-type-options
nosniff
age
115521
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Jul 2023 20:36:54 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8EAC 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220707&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31068443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73bbb7cc64158adba2fd3afd8e8dbf2662e208c1496be4573498e7b64379e213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Jul 2022 04:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10948
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 424D 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220707&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31068380
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e4a4316ad52930ac608e1d3b7c332b65fe598402eb7931cf00de6d9327bce5f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Jul 2022 04:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10987
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BA8D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31068419
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Jul 2022 04:42:15 GMT
PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
pagead2.googlesyndication.com/bg/ Frame F5A5 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820292&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860135184&bpp=14&bdt=96&idt=144&shv=r20220707&mjsv=m202207130101&ptt=5&saldr=sa&correlator=3746731210798&frm=8&ife=1&pv=2&ga_vid=1359018420.1657860135&ga_sid=1657860135&ga_hid=439614182&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=720568846&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31068443%2C42531608%2C21065725%2C31064019&oid=2&pvsid=757850537271338&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.7r0ob7jyppug&fsb=1&dtd=160
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 16:16:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
131160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Jul 2023 16:16:15 GMT
PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
pagead2.googlesyndication.com/bg/ Frame 97AA 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820319&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1657860134802&bpp=12&bdt=290&idt=164&shv=r20220707&mjsv=m202207070101&ptt=5&saldr=sa&correlator=8765206329774&frm=8&ife=1&pv=2&ga_vid=1818282951.1657860135&ga_sid=1657860135&ga_hid=460659725&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3469347216&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067527%2C31068380%2C42531607%2C31064019&oid=2&pvsid=3234578668043569&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.5rtng8mh6f8r&fsb=1&dtd=180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 16:16:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
131160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Jul 2023 16:16:15 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8EAC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31068443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Jul 2022 04:42:15 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 424D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31068380
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Jul 2022 04:42:16 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9447 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
29787
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Jul 2022 20:25:49 GMT
expires
Fri, 14 Jul 2023 20:25:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F823 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6dab73e6a021b319c60c2fab97372280f1bc95602abf02e394c565d30d192e8f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XLjvNV3tfHbnaFR_bWzhGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-XLjvNV3tfHbnaFR_bWzhGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 15 Jul 2022 04:42:16 GMT
expires
Fri, 15 Jul 2022 04:42:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E78 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKXDaJ_DQYpnNEozx7gP5v47IBQAAAAA4AeAEAg&bg=!XF-lXxvNAAaYcLjmuHA7ACkAdvg8WoCo6O61MXbZhIR5K3LbBYSU1vrRTUjRwHnJwWx7N0RLKAZhUgIAAADTUgAAAAFoAQcKAFhFDEOdZb96eAB6yUq10PtVzrP5D6Lv3UbUPQooY-Fsmo74iB1_vYHGZCvBB8JrFlF_IamQPwLCORYp9FC_fzRGu6UZSJWNrHhCaQV9RvXSGTC9B7Ajr-2tmQLWrR2Ws43lIy0a7wY5adIaD5d8d6YzcVZgXbYhkT3_SerHsvjFH_rNtsFGDqnY2LncKaM1ZECG6PUIh9ULIbKRa2t5pD-S2coCRV0CF9o3pat00QFghl9iABe-YmiiOWnLV8cm4Ua18fnOi0oq4MdNQYGS6-2FZvH-Ydb5Z3z7uLbW2ndFWWnj2cS04vNiViPpnkHvn_QKofWrkWH6_hG-4VErp9DJhmdoA2oPoZ7355R5oO8cU5g2i2-35RnLbrc8Ue8lqV1dIV1Bg29DwL49dhQiS-HzsspORdZduEAJXswUCdsXOOK4aVMZFaBnSZoeWDAyD2fHLYAfsm8jHjqUKg581vcRm7_EASpNpczEW0CSiqhPYVdaGGOg2eEIzmm77zEayai2bdbR2kBbMUDHXcGBaRFnylYlhLMxgkAhKseNBj-5UusXP9-buuXmZXbEnYxQOgPIkPZ94Gd_CuBWItmb7UftGdaPsegH6BY9t6UA7N6A-06FASASeMOGotTBtfaQX2e4f0piXBff4DfOsNaYKL8wP26l2VBg77gH3shW-Ht91XT0AD6zp9S7xgP5_HpVdhYPCzqBYVc6KYZcdBT3_rxQr8oJfPSRSeuvW3GNUIpU-kz90FxQWKCCG21kG5MXaEitOdIgWb_Tht4VAo4d_DcIm5pYnGgR7gFq8NXvpho-mtFxdc8cEkvBbGhQDJWu7UX9J0mq2I0C9zxt39mUqLvUnGorEhMnNrgpQYqw34jzOgdoP-4dYJxWeZDXOa062GAXSecPZwp2IiT5qqV_rEXotoK5H3m_1mGzuRipbn6nZuTC13IJXadwtTfJuBB9M5Aqexk-XDguAy018MH-he2Vfvc6YD4bMpMmN6vI49NMTofIjkKxqkmpwJ86D8CvaJs0a0Nh5jK94FtgPleGV_h_kcW88QsZ3r49H5ThAYls8t787_KDwh69pbM7dt_fpSSO
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4FC7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
29787
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Jul 2022 20:25:49 GMT
expires
Fri, 14 Jul 2023 20:25:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3C81 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c60b208453d6f3aa42119a08c2aa3719ae78fe707aba0e6dbf67fff70c47d769
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IRjlytQ9l7Ycm-wAN87pEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-IRjlytQ9l7Ycm-wAN87pEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 15 Jul 2022 04:42:16 GMT
expires
Fri, 15 Jul 2022 04:42:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame AD15 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220707&jk=1315195224944008&bg=!6eql6q7NAAaYcLjmuHA7ACkAdvg8WvHBOIQUAYNDaILzmzswF7g3Z_NaSGIp_wg-rMmxnP0vw5ANkAIAAAEgUgAAAAJoAQcKAI80lRefv1gmA5a2dk3AQnTbdvm9ni3eDD7pjQQP7HwzBA_3h-BE1wHJv6SW4-mO0EWcqNHj-gEYdJx3MTmn1JcZfbOi3BTAs70of8XMqELFEd1-goiPOJwtzGARODvuLEp4ygSlx_LY3Bm_qiV5mMTpJ_hbXyqjNFF0D0SSpFAaqUXkfeEOO3u9llvZ8UmMypkCuAyUyZC9bQnYtoL2-zNhsN1WfjyQzT2fxBMdENeb4XFCEGIHEnByocAOyRcvHGRkho3HsQj85VEw1k5KASo8Wj3IkOigyZodY78H0KMaLACsIs10YUWw0JJDL-aHXYkLFknD-aTKwZV-WYjSoWANF7bgPVPc2NsMxF8EcMPx4fgMulC1hgQL00DpksE3TkwiQS2-lRgi60lADd15bT-yTZDs66_ejMLbvE1w2OwJFFtTcamSu4m9UlqkNwKCb1qWduU_iUP6wwAreSMnfAUe_c5I_z3v8ZZa8OSLI_6SPZqfpr9AR3Km1h-DBsteEvm2h8XEtUp4rxOj2VGtuwfHQ71zNw2pxnaZahPJD5Y90HLHiTWcZlAVZJwljfVkROUfdv7b-g9VT4QEnia-Cp4jV3k-QUnlAp9khPzlzYX8lsJDKqCVsF8KDqG3NwAao5bCaTx3AUdoBh99gzOCyYkP83D46rKkNS4UsvC5vL9oJ20vVhMzbJkL8TI9UsfnwGZ-dqsVxG3pSsBASseHDJItKm8sCExNT4bj7Dg9ebPCg9wtorQuKJZtW7j7bVmBN4GdS2_ojJ8ngE9FBZP7eP6zDmnlSCo4TV8MhZBaj5mjlyh5-ilPaZ8h360Ujz5OMlfQHiO1JdvXkRyyR7oEg3Zo1cP13YlvdDZItUPHmrDRPptST1aC7hORhE7-gGI_sf-8Mm0hcnYg2Ba1ZNK_dCaLuD2wfOaGN6QabLvdbx37jpqtnHNzmdFkJG3vLhKEVuFM3Mwry0IH0gWVO25EdQqKn4tud6nA7IIhPkReybtD_AQHKVJq2kseCbKFa_PSfhMJdlwcuJm2W6EgSA94GGJvlZkkkBHeLOxeKKOV1jqkZZMT3x3Rga-d6k6V_b0Kgd0SpCAdVXWdEdX5oY9rzsKaMwnl8PRigPKMgw
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame BF27 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220707&jk=1381346131763052&bg=!zc6lzorNAAaYcLjmuHA7ACkAdvg8Wv8LXP0m3l9ZtwZMi6dPoOz2YlZno_2HRYFv-tGOdMfHU-3QTgIAAAEfUgAAAAJoAQeZAq1c2qGAZiQDeMoocdb2rynJexcUHxDKy_aPJRp3zhUVLQT_nwspStuJWm_-2M_3B88lxnWEh1zSpuMQxVq7LwCMMjmAJhqXs4LraO4N0LnFj_VrXfV1yuBPft4qH5w0ZRoInt5Z3UYo5iyxiGhP7Heiu_iWqLiDg97RJx_lFFffy3PR9LIK3ZA92vb-yirHViMuKhrB-HSLp1SjzwRehP8XMd3ml6l7K8bJFz5RBlaFrB24si2Vk-z5xv3coQmpPILFaYq6CPuP7kVv3miKILglvcNrFq0V0xKMbnfWxW9qaKsn938Af3IJW-qamQave6gchrcAj6gTbx93LV6osDjlBA5GZFH5welfs44DJmBDAmc-ThiWxHicDUrItjJ3nMfCXdVFncQWWgY3PAuFQD2rt_J4wv4gVhyTPatEWrvNbC6tWW64LArCEp0U8fuCvAOCmvkuTgI4w8rl9pUE9gjHG9yfRXtivh0hFswjsIAeJirMqPF-jqFQrhcOu6gHmLCQ0qcmONwSEoVRaSjYjF3bli7gUAdXm8HwQO--P1mRFeEaf2ohNDIxvKezkj1kuG6pWE19qmdkjtAgZndcNFVM6rKwwVVMpuuF4jsI2kVgY6bCV3r7EewFWEwsOgGzcscDn_xO-_Ki1m7FPbKqWA-8rj_mcPACcT4ItzVYi0G7zqPVTsH10XSt9Xf86uLqopSptifw_Zn0g4VAO3rhoZfcsBFQiJ23Dt-vBPLiUdz90I539opfgp4660KnEQ6lXUl4kP-2IiJ0JLaKP58ahtMAFg8IeJjaJabaWS6bJBkU5CtIAGJKmGjwTZOWDriB6Jn77ehbcWh1GV9gwOD7LqoKyo-Dw8uL9A8U9uvu1wEsUTrcqLYCK4bLH2ryufskDnd1xRMWFjTVkjKS-5Ar
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame CB48 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBxsvJ_DQYvzJE63g7_UPsbS28AgAAAAAOAHgBAI&bg=!GxilGFzNAAaYcLjmuHA7ACkAdvg8Wjy_elgz96pQ6rUd9OR1LnaeqJhISKtnI2NaoE56ix7RqluksQIAAAErUgAAAANoAQcKALQ2iM9Pt7gbNR5qZpM59rOkzN-FkIpmN1FrHSPE-ZO6FxYj6Hzh0enfruwLUVfwvPFUAON6MFJYz-Qoj6VV-Ijzdm2TkfBTzuX9p4dRvc6xEG152NqDe5jZuGERM2Q9StsVBMwTwrMI_b3HEDTD4xt2DNLbe2N4RoFPlsNI0RLWDKAgsFfiuSpF90go3YweBNfQaDk1hIViEVBBOrZoaPUNE0q4G_zCqFOVsfGvYGEyT6_x18-ZAtbVOJ0a8UJLnMZ9ZsGDxBWO9V_-zo3eiKQ4FDunUJgWr9ZYSwtY9btyIUp-zGZ5Zhe2M6N6g1S5xzk__dLd65Y3aE--OTlgMnO0pRmDsc8NYN8vltJR3EamG6NXJuXPimIQj-CiyAD0FnEXFczepe_CvvWDGRzUKIo8P-DuouiEaiS_9b4WrolCQ9uqB6I34uPstyrRcT_OWPQeQivjP2JFLl0ZE32rmm6oni8f-EYC-P4JF4tIMuLhMahMirI4VtwUQpIYPtLh09XLoNAMFL7K0iBWbTf_jXGFkE4CKJ86tAk-Q1JAr6eJcHieigqflaTRXm16GcoziETv4u_Z9ev8Slb0U5cAC0VsLEBInFrT8s5QgvIWADhk-Wgha2WlFV91vXKnPAH5ikEy8DKpkm7NxTHXawaR1T3pUwXGu6uinylgQVoUzC0H2OkRGvGsw-vYNaLPOVecH8eiLzqYIWfLqnCZFAs7k6FRt2QM9ey6pA4ioq9TxIw2yYFzd_ebAyL8sHPwlf0RcWDDUjkCDtAXZ_475cJr8m43xaXIQk4eyVH_MpTikObs_j05tSwY6mY4pUBwSj85CnWmYOUn53xFPDDdbAJliRz5T_nepo2iZLaZ7z6efJcMcvqjdvUuQZBnAOxW_15xsDz5gNAVgYFiNJysaSVqM8MsJJkKV8XlYrferq9uADJFTYeSYewI71MOP1R4QFO9U7SLMkKXo0TPzrU8ytzGy7Bg5VtFT2XXUuC73BLfzlyQs-9ZoWjC9YsZEp2pLmngmLfCgipSAvfn1Q3uxsK3BM6QBLwirNKuPJ_Zp8gRcUYg12lRZpVnN2XKVqjoGS8VdujLNtP0DImY3yEdMhj-LivZrsh4f1cITs2_-5AgDXJsoYfIh7zABo4EKDA9HUwS4qXNAMIUCD5WXq6BgE84zP30Ls-ysW8oG31SMw3k4MknJgdqPo6loXOEz1cUOIk
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BB99 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
29787
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Jul 2022 20:25:49 GMT
expires
Fri, 14 Jul 2023 20:25:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5B48 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9ff4ebc9a9306942803d8c835dd2a42a76c18b3d8f1786e4d2ae77fd60a6c3b1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-75Ic8qGTUGZ_Y3wUdIcGLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-75Ic8qGTUGZ_Y3wUdIcGLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 15 Jul 2022 04:42:16 GMT
expires
Fri, 15 Jul 2022 04:42:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
pagead2.googlesyndication.com/bg/ Frame 9447 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 16:16:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
131161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Jul 2023 16:16:15 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F823 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220707&jk=699737011385212&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 3C81 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220707&jk=757850537271338&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
pagead2.googlesyndication.com/bg/ Frame 4FC7 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 16:16:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
131161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Jul 2023 16:16:15 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5B48 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220707&jk=3234578668043569&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
pagead2.googlesyndication.com/bg/ Frame BB99 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 16:16:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
131161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Jul 2023 16:16:15 GMT
generate_204
tpc.googlesyndication.com/ Frame 9447 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?WKIisg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 4FC7 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?l8W0UQ
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame BB99 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?7wRqkQ
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 04:42:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame FF23 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutxuzC3RJI8EDrdx_htTYnYyuBavVY2CMY83WxwxaLHz_BQG9OeUFSFiBUZbj-GXl9xWnm084xarTliMXCC8ig4S4Rq6JuDKRRTAASosWi0q2FaGqlRq3CbO_LjBXdT1-JoS1z8gDbyLIS&sai=AMfl-YTmyr1DaRlky5TQA59HgJvnFUGTvQ8ZZN1YwAkbnRjBzcx-7g661GS98fRO2_DP3vrzesZajMFYtwUoTgjmk5chOaUwXF4oX0Q&sig=Cg0ArKJSzBTGpAKasCEREAE&cid=CAASEuRo3NhDHifqncH0I9I5WJsUng&id=lidar2&mcvt=1002&p=0,0,600,160&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220711&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1974494150&rs=2&la=0&cr=0&vs=4&r=v&rst=1657860134948&rpt=779&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 34CB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssn4Fr0z11xq_EWVCrE4wpFc_KEOxIz-5bBUPYcuyCWH_YICtKsRnxQt4M3-OgtC-DkqQ1RI2wDhlNvUMovxAGacUx4oXLDrdel3ulMmC3ehS5HzsFidnPlPixoVt5teVuCHxTsV_l2X2gM&sai=AMfl-YSI0rO2eA79GCOmWXtPPzUJmnSgi0-ouYcgqBE7GdG2tOG0pgobIeFRgwH4EVgkqJPSFpygdMK1SazLLEFqrStkJ6teYLV7y3Y&sig=Cg0ArKJSzJz4o_fJnYd2EAE&cid=CAASEuRolboETAhBYMjjumn4YPCeKQ&id=lidar2&mcvt=1004&p=0,0,600,160&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20220711&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1620915178&rs=2&la=0&cr=0&vs=4&r=v&rst=1657860134921&rpt=802&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 04:42:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BA8D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220707&jk=699737011385212&bg=!MDOlM3fNAAaYcLjmuHA7ACkAdvg8Wm20Aiev-FHL-ZLdegbUhGxLyzblrLoEXmLUk8MClp23pNH01wIAAADjUgAAAAJoAQeZAsfDZJZmGXpeueouLYZFp2HhXKYB_9w2EZjejO1KtsHL6Yxgg2Lszh-5UN1SI2gzIdAqoQTesiSsJkEau0ElEHtq2INUl7JXjSXT7roPDuv-_a5kOWsq36mQkX0FmEHqM8ELiJiIruJjRYpltTuUqQu5WdWA-4fxjUv_asO5m3hyEcSx7_oKweReTHeyoG-NXh7gRFPwacqIkFWxY2Yd4I6gueW9jL2BbMk_r5oj9tAuPw3-AAzHXggJLzSjOhB5W9bYMK9nLq9JLXrbso5gpKogBk8-FjvBnwz9kK5-VkEQuKZZbvn5cvQ-4COt53h26Bs407MZ1rREK8wxOHkv2TeYtHXaNIGygiwn0xUrs5h3Yz3EayMAYnau9VXEnFwnpz5XmWvf1RlrAJyh-P7PQx4cMgLtaPLQG0yzwj1mNgdU1QvFJmIiiIuvX7-mgAKoz0XwHd7jVvL3KRzIFJ-0ia51h-Jfqd1ultvXTwF2SsYBPyHYIwrprJ5_rl0AMmleEuIPSCrti_HwyKTWkzDsQFk7hBGrNcsBv3FGsFYrGlA8TM8Bn8fcpDu-VzufhpDvMcciHUsbfEpYL0iPSYXd0CfTdeeSFsQSgd93czE7tLy69ER-CAFSBdyW1-EzNc3DXQB-GM3mEOAZLnWWSauAF7hipKCJWMf-fDT1817eezSoFH7KAa5zwkpNBnLns9eNJbCfFR0Lb4tYtNucinGpXrTqWAiz0oW_XZ59XBsnwvdLXhGE2UfNa4dLms4z0JI60cVhApxuf0K30LP3prbVzZxgR-nyTAw0sPUEbx-bGBGkdapPo8-Nq4HN9To-d-EIdGwy2f1BaZGxLmBrZffujGD_oYpaQ6UWzNf_qn4tmTqOvRMMwyRSpH2zjE0UrvmtSKMrNXvtwGCvIq0QS2xkOhpg5TGpusXP527_uJLifjmpGuwipeqRWUc
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 8EAC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220707&jk=757850537271338&bg=!tbaltvLNAAaYcLjmuHA7ACkAdvg8WkITnENAG6DiDW2jd00tgQhXHXPRvEdqrnhlsJuJYiLfdlgE2gIAAADQUgAAAAJoAQcKAJD0ucjqn0piglqveVZGEuQ6NtRNVLP2hC7-IMFtabe4ahXYN4SFB7snK-hUuxTD4VPz7JjJPmpjR9dOdHnkvQlSTMm8udgRibZcb5M1q5VGTpK4j8DsMwzWCeqel6FrB8t0Lr6yPsnfxjlLstlkI5PlfyJwFRu-UgwmMitK1Wr1LLGVvPwypDyHwKLQP_gdATeZAskxBPvLzpSWEIbMAwc3KrsLn1e6JqugekfBaBbuZHJMdH4zKi4myFzhGw4eRju8qAEtSPNUeBD-ov7Vgr7Fa2O59m8nMTEvsW41B-adqamcNS1MC199ffv77NgaFWwpW0dgCJ8O8-ICYtLuatE2wq42G65v5U891lC9T4rNXFHDJ_-9Q3ros5W3AlCVayXl9Tf2ObuVG5H05JtV0OphepEAWgWWyb9ki2U1Tgh7Xx-C097-kp94grvSgrutSg4zEdljptcM8F4Meq36jIzpYOaE_26v1-49LMnttjhI1DzMZofwW6Uh4G_Gn3r7b3SZjwGOTcRBA4QDdSsiuBshK8Ac_nr85mQFgcBcsbSqCbVukAfOLZezGFnkz1a3UwVn4R1gX4YLQsu-Bs9Q44ISNDkX4KzItH_T2leoJUuB-2n9yKbBEzMeE47vxwXx7ciVVWJPNIc2Q9TtbMcjPbF1-nZYS-UWrX87eWLpsDBrOfn1e8uX6v-Kdgy-3R5h4kanOdmA5hmyn-U67kpI-UJv6JU2de6fJWDKuXGjmLTcamfMx7ByknUZUzkCxqUC8y__wCk_A6GS3hn8TFjjvMsiZOa2rUkrreuVA5-_Qlh6JdXtgxvPozm99fCfFDXNaRJeIQEckEusDIEzz8_FSSLQ_O0KOsPOByBnbP4ROmo2of8M0njHVa_gskym6Bwc0TNzfKaj_j17OsCB0aWqv25lu_URyRFmobRB6XNLSNWdVclfMeLywcp-8WPtdLDugiIO-KngZWt13AQltKCqR4xbNmD3fZm15P-qrrNOH9m9fHS9KhMGvzGoAGD_AXFeqBfwaYclqHhyS7zZgzL-dDKeeqmH1sjc2XwDiTw75ROAxWp8iYNql48pha6pmK_JnkmTi1Yk3WYv63SOedUoTM0LXLrQe851X8FrrdtD5YVN18HBBIY53ZzuKc1T0w
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 424D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220707&jk=3234578668043569&bg=!V1SlVBDNAAaYcLjmuHA7ACkAdvg8WseVFTAGRBHhvg2nu9nGrlZmuKLAk8gvjXcrgG5q28O0ralI2wIAAAC6UgAAAAJoAQeZAs107JBnDS0ZT8vgIRZe5GSfeMNnUyJFGnGr3PcbG8jQ3265K6j8BkyAEpRrsTbEclX2BksgDJ3wCHW4XLlP39CSz8rJKVTI8G89Z1dZsA8mIDYqva2SRxAnPH99VcdPAfDB5g0Oi4-BnzAWLlcJw0S1bTlrpGyqcfQ2GoVgkO87nogg_LWIFkM2S4IwMQ63uVFTvXq-pKPpDgWHNiLTlxI9tWMkkBktaBP6tIAKPhiLLmQp4NaPnEsUlOr3VXZvGfqUxsFAXmd-AHT_IHv3XmXdE6KlzPQawRjamcDc8VUfoAsdEWfjYwSHApATmQQpp_ZINQLHJI1NVTK7u4ziiGdGVr2XTsA9onis0bxgPyTuCScTt9kXKuQmGQUMGcKj3GyjdP6usJvQcGQ-BtWdwf3ZTrS_JFVc7gSpR85mRzTTsa2ZCMsd6uVpzoxJ-oEDOyh7w-2NPYcJpXhphhJibtjGe6VjjKUIFQMBcA-EqDnFnSnYUvnMmUAvCcAJqtOunZ6SUabCBAMHg_IOmOxMOkLm-_6M72pU5GXbYlHYVj7mesj_HSQceBoXEn5DlxDsn5q2ZjfUsDkVr9JcPxGloSaE7vYUVR--zMgk7bLWCqe42p47dkhbU9MuXKwL9SsARFkb1IsIFCWEBTrDGrHiBrq03u861iebnvURjfJ4ZXT2jGzl77FTpeXw12BoaRyH7Mwx9W74HUbNjPAEymfoAdCeu9oP_C03QYgIbeAFguAMI7TmSkLcYEA8Fver59hoCsxOMduZDsGGixuF6ObwKL-K0C8PviBsnagh2u7jpHEw669wB-yIPbTtUtcNAUEmmEpQr_0EPbQFi2U6bXM4-D5nThWOJmxC9Xfl863i4r1SbovHpp7hAIcDiGhOh2_P06qeHIlAL-6UfyYsHL3Li6_X7VpBxeAarX9kkxX4YLXtUuNHx0e07M7e0W4aPd8
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
tt
a4p.adpartner.pro/ Frame 3737 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=10&apuid=e3459477-c829-457e-836f-f5a036560197&session_pageview=1&session_id=441874ed-c09c-414b-9921-d5c96b8df727&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.9066716552469916
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Fri, 15 Jul 2022 04:42:23 GMT
server
nginx
tt
a4p.adpartner.pro/ Frame EE4F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=10&apuid=e3459477-c829-457e-836f-f5a036560197&session_pageview=2&session_id=441874ed-c09c-414b-9921-d5c96b8df727&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Fri, 15 Jul 2022 04:42:23 GMT
server
nginx
tt
a4p.adpartner.pro/ Frame 62BD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=10&apuid=e3459477-c829-457e-836f-f5a036560197&session_pageview=3&session_id=441874ed-c09c-414b-9921-d5c96b8df727&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Fri, 15 Jul 2022 04:42:24 GMT
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
adx.com.ru
URL
https://adx.com.ru/adspend-sync?confirm=true&r=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2FxLfmfLC7CYuqPY3fMXyGqW%3Fsign%3D293192260%26location%3Dhttps%253A%252F%252Ftop-fwz1.mail.ru%252Fcounter%253Fid%253D3138228%253Bpid%253D62d0f02505f708479ac249f0&uid=62d0f02505f708479ac249f0
Domain
scontent-lcy1-1.xx.fbcdn.net
URL
https://scontent-lcy1-1.xx.fbcdn.net/v/t39.30808-6/293782845_3241020246113263_527680186975967668_n.jpg?stp=dst-jpg_p160x160&_nc_cat=104&ccb=1-7&_nc_sid=8024bb&_nc_ohc=OUhxG4NG5YIAX-XlAwX&_nc_ht=scontent-lcy1-1.xx&oh=00_AT-izDDnwCkC48vZrHbf6eDNhGs4wmA8jHCACOqYWBXaTw&oe=62D654DB
Domain
scontent-lcy1-1.xx.fbcdn.net
URL
https://scontent-lcy1-1.xx.fbcdn.net/v/t1.18169-1/26169268_2027047760843857_7213779766090150706_n.png?stp=cp0_dst-png_p50x50&_nc_cat=101&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=pX9mL8U85GkAX8CyI5d&_nc_ht=scontent-lcy1-1.xx&oh=00_AT91pzlOkwk1GYJbrYCNXvPb8wXjxh2ZPK_3aw7YVCGjHg&oe=62F66673
Domain
scontent-lcy1-1.xx.fbcdn.net
URL
https://scontent-lcy1-1.xx.fbcdn.net/v/t39.30808-6/293509182_3240015102880444_1210854309035784493_n.jpg?stp=dst-jpg_p206x206&_nc_cat=106&ccb=1-7&_nc_sid=8024bb&_nc_ohc=qP67pVzqDq0AX-iJOBX&_nc_ht=scontent-lcy1-1.xx&oh=00_AT9gioRuHzBC1MLH9yyR86ltJOJXeZAQaJPhZU7Z9zB5Bg&oe=62D5B588
Domain
scontent-lcy1-1.xx.fbcdn.net
URL
https://scontent-lcy1-1.xx.fbcdn.net/v/t39.30808-6/292685860_7706041442802219_6845189530785313195_n.jpg?stp=dst-jpg_p296x100&_nc_cat=109&ccb=1-7&_nc_sid=8024bb&_nc_ohc=1IxMY6kZ8MMAX_97zQ1&_nc_ht=scontent-lcy1-1.xx&oh=00_AT_qGgs41DkX6mG9aW13FJgS8mz3gMrn-q1qszori7Fd1A&oe=62D6DCF2
Domain
scontent-lcy1-1.xx.fbcdn.net
URL
https://scontent-lcy1-1.xx.fbcdn.net/v/t39.30808-6/293544104_3239295396285748_565057931842089787_n.jpg?stp=dst-jpg_p296x100&_nc_cat=101&ccb=1-7&_nc_sid=8024bb&_nc_ohc=cjhhTBGUJAkAX9XPX88&_nc_ht=scontent-lcy1-1.xx&oh=00_AT_539zRkXkQsx7tiMgD-nEuZqvzEOOKfDN180K5UHr6PQ&oe=62D5B879
Domain
scontent-lcy1-1.xx.fbcdn.net
URL
https://scontent-lcy1-1.xx.fbcdn.net/v/t39.30808-6/293211523_3238396819708939_1546056096651548142_n.jpg?stp=dst-jpg_p296x100&_nc_cat=107&ccb=1-7&_nc_sid=8024bb&_nc_ohc=qQDb8LNk8owAX-nbp6s&_nc_ht=scontent-lcy1-1.xx&oh=00_AT9tQQF_Jcdbc9yE730--o2_Zw_0HnbmQrKz6l9I0qYsWQ&oe=62D649CA

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation undefined| returnExports function| videojs object| vttjs function| VTTRegion function| WebVTT undefined| Youtube function| $ function| jQuery object| ddmenu function| setEqualHeight function| setCookie function| getCookie function| deleteCookie function| contentBorder function| validate function| json_encode function| toggleSpoiler function| addcat function| ShowOrHide function| DoDiv function| check_uncheck_all function| showpreview function| insertext function| insertimage function| quote function| confirmit function| emailCheck function| in_array function| center_div function| sack object| admixerVast object| globalAmlAds object| head object| script object| _gaq string| iS object| iD object| iP string| iR string| iT string| iH number| iI number| f string| x object| bmN object| bmD object| bs object| bm object| bmS string| r object| admixerJSONP function| HELPER object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| admixerLoad object| globalAmlLoad object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| hb_dmx_res object| _gat object| gaGlobal object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytExports object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ number| bannerNum object| adexOpt object| APC string| unitNum object| functionCallbacks boolean| functionLock boolean| apuidExists function| waitForApuID boolean| initVisitTime object| logVisitTime number| sessionPageview object| result string| key string| apuid object| sessionData object| loadedBanners object| onMainScriptLoad object| loadAdpartnerBranding function| adpartnerBranding function| html2canvas function| _open object| banner1550_15007199967767714 object| google_reactive_ads_global_state object| ap_br_img number| k object| google_ad_modifications number| google_global_correlator object| google_prev_clients

110 Cookies

Domain/Path Name / Value
.admixer.net/gadx Name: am-uid
Value: 65bbbff9c6174855a3d484c257899316
.admixer.net/bs Name: am-uid
Value: 65bbbff9c6174855a3d484c257899316
.zdorovia.com.ua/ Name: ngTrackID
Value: 84e3759ed55d2ccc00ac8cb785cf3ed5
.zdorovia.com.ua/ Name: PHPSESSID
Value: riron18sok71gcefjb0kp3kvp0
zdorovia.com.ua/ Name: b
Value: b
zdorovia.com.ua/ Name:
Value: store.test
.youtube.com/ Name: YSC
Value: jEUVjYCF6Fg
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: JGc0uVJN5z8
.zdorovia.com.ua/ Name: __utma
Value: 148597372.1598207648.1657860133.1657860133.1657860133.1
.zdorovia.com.ua/ Name: __utmc
Value: 148597372
.zdorovia.com.ua/ Name: __utmz
Value: 148597372.1657860133.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.zdorovia.com.ua/ Name: __utmt
Value: 1
.zdorovia.com.ua/ Name: __utmb
Value: 148597372.1.10.1657860133
zdorovia.com.ua/ Name: session_id
Value: 441874ed-c09c-414b-9921-d5c96b8df727
zdorovia.com.ua/ Name: site_visited
Value: 1657946533.1
.admixer.net/ Name: am-uid
Value: 65bbbff9c6174855a3d484c257899316
.yadro.ru/ Name: FTID
Value: 1YqF0b1SyaeM1YqF0b0038vV
.ads.go2net.com.ua/ Name: am-uid
Value: 65bbbff9c6174855a3d484c257899316
a4p.adpartner.pro/ Name: apuid
Value: e3459477-c829-457e-836f-f5a036560197
a4p.adpartner.pro/ Name: apudmg
Value: 1
.yadro.ru/ Name: VID
Value: 3b6mCH0xnOOM1YqF0b0038wX
ads.us.e-planning.net/ Name: CT
Value: 1
.adnxs.com/ Name: uuid2
Value: 7012578570036581631
.creativecdn.com/ Name: u
Value: m86qk790wiVYmB5oMSBZ
.creativecdn.com/ Name: ts
Value: 1657860133
.adx.opera.com/ Name: UID
Value: 9a0d1cdd6bf54d7c88335a2c68c7c320
.e-planning.net/ Name: E
Value: AEkNB/7HoCrYZdka
.yahoo.com/ Name: A3
Value: d=AQABBCXw0GICEPAOzsa5un-8n_QXkdEH1nIFEgEBAQFB0mLaYgAAAAAA_eMAAA&S=AQAAArM5xrB8IX65wcyjM-152xw
.adform.net/ Name: C
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmvYpLDpGrgi_n07P8wVY0hymxnnotoCdmA96rIFu595jy5A2pIrqHZqYNb9xY
.zeotap.com/ Name: zc
Value: a45e46b2-d097-4464-52dd-fc19d41675f1
.analytics.yahoo.com/ Name: IDSYNC
Value: 1985~260s
.adform.net/ Name: uid
Value: 8263187426641512786
.tapad.com/ Name: TapAd_TS
Value: 1657860133570
.tapad.com/ Name: TapAd_DID
Value: 0e894567-2a42-4f4e-8fa3-9ca12336b0b9
pa.tns-ua.com/ Name: uid
Value: Z990072CE391491297E74A2FC3EE00AE
.adfarm1.adition.com/ Name: UserID1
Value: 7120455052589660315
.tidaltv.com/ Name: tidal_ttid
Value: e11036df-95b7-47e9-8223-e4ac4286451a
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 434aa4f8-8d41-52c4-8d0d-e575efdd1550
.betweendigital.com/ Name: ss
Value: 1
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.demdex.net/ Name: demdex
Value: 87518306800439974270304140451458610651
.facebook.com/ Name: sb
Value: JfDQYi1jyhYVgT8x2Dc5h9ZZ
.facebook.com/ Name: fr
Value: 0IXn2Ruy5hc9fxM77..Bi0PAl.Q5.AAA.0.0.Bi0PAl.AWWIRtJohYM
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjS3tDK0MAIAvK0sCgkAAAA="
.betweendigital.com/ Name: ut
Value: YtDwJQAKEiCVaIw4_nX_JKggpNE2HnNXIjTh8A==
.weborama.fr/ Name: AFFICHE_W
Value: z9U3PnWUz3bP91
.dpm.demdex.net/ Name: dpm
Value: 87518306800439974270304140451458610651
.bidswitch.net/ Name: tuuid
Value: 45cccbf5-6903-473b-a282-e274468999e8
.bidswitch.net/ Name: c
Value: 1657860133
.bidswitch.net/ Name: tuuid_lu
Value: 1657860133
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
rtb.com.ru/ Name: as-user
Value: 62d0f02505f708479ac249f0
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16990%3b%24o%3d11100
.agkn.com/ Name: ab
Value: 0001%3AKjyQ10%2FEPR7ROgAJRZG15j0t4xQ5GUvA
.krxd.net/ Name: _kuid_
Value: O9T_9Wvw
.lemmatechnologies.com/ Name: uid
Value: 7f1c7e50-03f8-11ed-8d99-801844df107c
zdorovia.com.ua/ Name: lapuid
Value: e3459477-c829-457e-836f-f5a036560197
.exchange.buzzoola.com/ Name: uuid
Value: b1888ed1-eb90-44c3-7d10-e197f4e699b9
.richaudience.com/ Name: avcid-zeo-uid
Value: a45e46b2-d097-4464-52dd-fc19d41675f1
.openx.net/ Name: i
Value: bdc55a88-6337-4c7d-bec0-75971c984fa9|1657860133
.casalemedia.com/ Name: CMID
Value: YtDwJfvh-34KJV1Ax.Fd0wAA
.casalemedia.com/ Name: CMPS
Value: 2597
.casalemedia.com/ Name: CMPRO
Value: 2597
.csync.loopme.me/ Name: viewer_token
Value: a833012d-a343-4544-baa6-a0b5bac250ee
.360yield.com/ Name: tuuid
Value: abd8075a-d4e9-404a-b090-b88c5d6258e1
.360yield.com/ Name: tuuid_lu
Value: 1657860133
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YtDwJQAQPqxDMgAj
.fwmrm.net/ Name: _uid
Value: "e5ba2_7120455052578178878"
.nrich.ai/ Name: _nauid
Value: 5357c672-9dd0-4579-8afd-e0b229d2198a
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-5ee5cf75-14e8-4542-88f5-eb67f82655f5-003%22%2C%22zdxidn%22%3A%222069.44%22%2C%22nxtrdr%22%3Afalse%7D
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2E?g8q7d.!A#F>.TOK`Dmohe*:3[DFn:n/B.3%1VE'3NOwNiaINkY/<`AN]aZ9qZ_*`X%_6U2d^y9ZT3PVX23nXm/!.xozCR>).
prodmp.ru/ Name: rai
Value: 39b61852e2adc9b4ab10caee296c9ba6
prodmp.ru/ Name: rai_new
Value: 6746883a4854f64ebbb0f33b4a0e2eae
.server.cpmstar.com/ Name: USER_ID
Value: %2f%9c%82%91%99%2b%ed%2c%fb%e5%ca%ab%9fA%ac
.adtelligent.com/ Name: a584890
Value: 7012578570036581631
.adtelligent.com/ Name: a319130
Value: a833012d-a343-4544-baa6-a0b5bac250ee
.adtelligent.com/ Name: a307971
Value: AEkNB/7HoCrYZdka
.adtelligent.com/ Name: vmuid
Value: 294910862b220adf
.adtelligent.com/ Name: a307558
Value: e3459477-c829-457e-836f-f5a036560197
.adtelligent.com/ Name: a309255
Value: 57b7ea1e-732f-4063-8f9a-7d6af9e4bed9
.adtelligent.com/ Name: a297253
Value: 7012578570036581631
.adtelligent.com/ Name: a289656
Value: abd8075a-d4e9-404a-b090-b88c5d6258e1
zdorovia.com.ua/ Name: session_pageview
Value: 1657860135.3
.casalemedia.com/ Name: CMTS
Value: 2596
.eyeota.net/ Name: SERVERID
Value: 21328~DM
.adtelligent.com/ Name: p440467
Value: 65bbbff9c6174855a3d484c257899316
.audrte.com/ Name: arcki2_ddp
Value: CAESEJ-2ESymPjDdIr3RWEEEKrA!20210804!1657860134699
.zdorovia.com.ua/ Name: __gads
Value: ID=c055b8f890df06a5-2283faf2cdcd00aa:T=1657860134:RT=1657860134:S=ALNI_MazTZxxTNNiInETl-zUexdTyeJN8A
.zeotap.com/ Name: zsc
Value: _j%BA%0C%5B%D0%13%093E%18%BC%C5%84%D9%EBp2%ABVW%0C%B2%12%D6%EB%F5%9E%9Bw6%D3%A5%1F%90%A6%B1o%3F%85%F7%98%12%B7-%0F%0F%DD%9B%F3%CF%BA%B2%A1m%22%D9%C3H%04%82Q%DE%5E%5E%19%C2b%94%9C%8C3%D3%1D%00%BA%AF%FBf%93%3C%92%A6%21%82%F1Z%BEm%F3%B6VK%99%E8%F2%8A%DC%E7%3C%92%27%DC%98%1A%2C%C7%E6%E9%27%07%9A%24%83%14%FF%3A%E1%40%94n%00%A6czp%2A%B6%19H%CC.%AAC%D1%9F%EFD%FB%23%A08h%DB%8Cin%24%89%9B%CE%DE%D9%B2%0E%D9%F7%D4b%92%95%A6%8E%A9
.audrte.com/ Name: arcki2_TTT
Value: 1657860134810!3hdiz5CBTYuTpiawiWwRPGN1A!H4sIAAAAAAAAAEWWO5JYNwwED8OYVST4RejAgctlBy5dACCJ+x9B/TZxJK30liSAmR6YSKnWd7Z3S+5yatbWRi419hOdvuZOZ8/wKT3beTe3FpKt+cnaW7MQ600klfmkXTv5ytPcwi2rVMuu7dzRrkT1tEbMOsrI7Xrkbseznmf5yVxd5bV7VvLu3fTe7LZH7uXV7E0aJ3HUuOv1Eql6kRj9ZOnmub96s76ghDuj1RPDQ9M+YU045DVe39uc1Nlqnlvjner1rZKorFa9/OtRrpsa2UbdXPfOurw9oiY5GlHKzOs5rx/1ZavOR9Vo0ihxzk4tXrQVJ5cZfKShWae9fLW+0WfZ3JLuXbK08vBN2/uY301rZNqwjvKyEZZsn+t77PwKHe0+R/bN66XI2LWvWtpM8sbZeoRfncpHj4/q9sw9vnn28xhJn1q36dli7dz2UKbIcXpmXa/2V3qkUMobj1+d1nKrPMwPHVv1thL1bGSQ5pnx5n5MRCdS6YM+BW0NGfXUUtx68vKkb935Girq9cys5i3vbm2qzbclUq/7bUadp66X2yuRtfSSPeap3aW2Lun5nXZMUBHP7Vf5W9uWqxxjuN3Pk1TlLpdy8tpIrc/eM0d7Drn3yDlr7YF8m5vdnmvnYS1Oy7qi5vd0yaPP50qiVEYkJSvnoUxF7VFQ3htNKsfc29Jf//7zx39///kry5JvGKXr0vR4ybrNcrltUXNB+aUUao7b1Me2exMvUAkENhgkw6J6fe4Zzb8itywpPT2tBaNwtTUau2xkpl2y4dHriHVvTXYW4zA+EqExHam5Y6Robc22sKi8tK6GKCetRuG9OMp3znyVCdJZ1HzTdp937J23vWAO2GdLLblJaTY3RVajOm97Dc/toNIW+/B5iyzXig5ZtS1JVj+OBIUFou8ycWPBdzFqmcO4pyDqvvyUpnk2RvCZPNvkYDnj9Ftb8OJ0d++I5DGHr5mHsW+cgF67rRtzlKdpXtOx7ncdbuxaANLokUvgTAtqG56aVRyAG8M2J8Vnfi8dltzuCIfC0Mb0bbJ4zjwY7QoqW675xe2v7xal42vIMQLzHzT1fQSammMEnbLxF8D5PFSVKbU836Tj0zlpqCGVvrEivXZP+M1rG43ZXd60L3WOWfKDrMoLF4ZJAiWVenL7QRvGAbemecxvIp+FjiYZyOHrM1DjpA619v2qm2VuF0EMLU2Fp/O1fCHzR9L1gRu3adzrsm11hzXbjkjgxv2xhoebFYAxo1zr/cMJA77LFm5sOip38qXdrVnGopMoLXZPEf7cDqItGLHvhVSkr3xCYsos6xkYAY5baQzer98AP7cwgL3n0KjXODCVN7gO5YYuqlv96xjKceUPhjebvQTEdxxy4rzPUnUhld4r6Dnd1y3jjJFuwZ1jYf4rXFd2/3ICeus56ARmUV0gpq7N83Sa1Uc7ZA8Pg/D2NVS9rtQgav1JLJ/0CThl3dPyCt3NpGP1nfppswDEPJ5Bd0zPw1fNI5orfxlFLPWCkIgPxiLfdQ9q6fW8W7k+6qz79NQRYBu0YHZE2Ry9bX7OcSZ5yxT2g6QSeyqYWvHZXH6UWRde9rdJ893vThi+OrTnEYXrNvLzC+IJMQsvq5SKpSa5anTvLIDQA8v5AFezrzd2J7HsJCKEQLSSK1AmT0G8tXbz8jrJETwKxFodwTekoHyWUuStkCLfE35oD7PbCUiS/mXh6w8YF/NuRZ5BJAeZeJlZ8rVFARbJvOyjCsx7SGH7iUefqbT8z2R+Wl9AFvqcEKg6KZBvkD7tkglmgoe6mB+kwszS2HxNvNET2gE6Kx8B1i856ffQyg5xgGMfYOrTAZcAOZudH7fIaSoEfkvtietlOlI/UX8BqPsGjSHRFmeC/oTJvRBL+fMxY68YjR2Dmkym7XdGaUlllALxPup9K8v4edPLXpRmAAjvBSbbxH6Sh37byEPeexyYGyvwEgi8M5E3Vu7gVweYaY29R7+MV64QNEZuFzBSxQZGfryMsYN4KMDFR5bVQXq8kgpLiIIYFj5iEyZzXQnLwJOMYmkZD5XpKgZv87vf2INh6rcJElmLKvF/20mKAymrOe5H0tE+DFAnorMPVpMtMbEpkUdUR2zBP4Hz+kkJ94E+38EaAUZejfuthmyCX/JfFrJA4yylciFnXSw/pZPtLA3O9sNxGHGvqvgahgdpMK+n4avCkfH1+ZvdYCwH2JcKI4EE4vuaCXhb//7/0wsBybaCw/Wxtu7aTkevRMHth03UZ/tB27dDsHAdvZji2RBdxPcBG61lmIuecFbWC5DGeB+yMFUdhMmog4Zlfg03drYu7YfqWrBFvNqMlYX3HkBa8pLxxRJhYbCYFLyOGQcmrzAZxnzmvzrZuHEXdVLCw3f49I7ab5I6DlKBQI7y+vxE10/ATBcWxUIVSOUHq/wqSyTNvEQEWcEeK4t37/hk+Bvv7K48TwwAAA==
.yandex.ru/ Name: yuidss
Value: 9842870031657860134
.yandex.ru/ Name: yandexuid
Value: 9842870031657860134
.audrte.com/ Name: arcki2_adform
Value: 8263187426641512786!20210804!1657860134916
.console.adtarget.com.tr/ Name: a307457
Value: 8263187426641512786
.console.adtarget.com.tr/ Name: vmuid
Value: b52363325a4413a7
.admixer.co.kr/ Name: __auid
Value: 706ee74e7ad8701489a9b3c1c2ab64f2
.admixer.co.kr/ Name: __puid_103
Value: 65bbbff9c6174855a3d484c257899316
.admixer.co.kr/ Name: __id_utm
Value: 20220715
.admixer.co.kr/ Name: __id_inf_103
Value: 0_65bbbff9c6174855a3d484c257899316
.adtelligent.com/ Name: a318342
Value: b52363325a4413a7
.aidata.io/ Name: __upin
Value: 2elQMQJOHM9UBhyuA2A4hg
.aidata.io/ Name: __upints
Value: 1657860135
.dmg.digitaltarget.ru/ Name: viuserid
Value: nzZ8fBdMwHzgnen7532P
.doubleclick.net/ Name: DSID
Value: NO_DATA
.audrte.com/ Name: arcki2
Value: 3hdiz5CBTYuTpiawiWwRPGN1A!20210804!1657860135811
.1dmp.io/ Name: uid
Value: 80897c21-03f8-11ed-ad67-f832e4719dd9
.adx.com.ru/ Name: user
Value: 62d0f028f0e01505331859a9

8 Console Messages

Source Level URL
Text
network error URL: http://zdorovia.com.ua/templates/default3/js/media.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: http://zdorovia.com.ua/(Line 850)
Message:
Unrecognized feature: 'web-share'.
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://tags.bluekai.com/site/87734?id=a45e46b2-d097-4464-52dd-fc19d41675f1&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a45e46b2-d097-4464-52dd-fc19d41675f1&reqId=6965f34f-541c-4a57-5038-09813194db31&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://s.console.adtarget.com.tr/sync.html?aid=517350
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://adx.com.ru/adspend-sync?confirm=true&r=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2FxLfmfLC7CYuqPY3fMXyGqW%3Fsign%3D293192260%26location%3Dhttps%253A%252F%252Ftop-fwz1.mail.ru%252Fcounter%253Fid%253D3138228%253Bpid%253D62d0f02505f708479ac249f0&uid=62d0f02505f708479ac249f0
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ads.betweendigital.com
ads.go2net.com.ua
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.co.uk
adservice.google.com
adx.adform.net
adx.com.ru
ajax.googleapis.com
ap.lijit.com
bcp.crwdcntrl.net
beacon.krxd.net
c.bigmir.net
cdn.admixer.net
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
content.admixer.net
counter.yadro.ru
creativecdn.com
cs.mobfox.com
csync.loopme.me
dmp.adform.net
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.nrich.ai
engine.widespace.com
eus.rubiconproject.com
exchange.buzzoola.com
file.adpartner.pro
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.bigmir.net
i.e-planning.net
i.i.ua
ib.adnxs.com
ic.tynt.com
idsync.admixer.co.kr
idsync.frontend.weborama.fr
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
js.cookieless-data.com
loadeu.exelator.com
m.trafmag.com
match.adsrvr.org
mwzeom.zeotap.com
nashamama.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
ps.eyeota.net
r.i.ua
rtb.openx.net
s.adtelligent.com
s.console.adtarget.com.tr
s.e-planning.net
s0.2mdn.net
scontent-lcy1-1.xx.fbcdn.net
scripts.go2net.com.ua
secure-assets.rubiconproject.com
server.cpmstar.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.lemmatechnologies.com
sync.richaudience.com
sync.smartadserver.com
sync.tidaltv.com
t.adx.opera.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u-ams02.e-planning.net
ups.analytics.yahoo.com
us.ck-ie.com
usermatch.krxd.net
vid.vidoomy.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
zdorovia.com.ua
adx.com.ru
scontent-lcy1-1.xx.fbcdn.net
104.18.19.126
104.18.2.81
142.250.185.66
142.250.185.98
146.0.227.107
146.0.227.110
15.197.193.217
151.101.194.49
168.119.79.223
176.9.81.69
18.156.0.31
18.198.126.47
183.110.238.136
185.184.8.90
185.64.190.79
185.86.137.110
185.89.210.20
188.42.196.115
193.200.65.6
193.239.68.97
193.239.71.100
194.247.175.26
198.24.170.53
198.47.127.19
199.115.119.227
205.234.175.175
212.82.100.182
213.19.147.45
23.205.235.133
23.227.139.243
23.227.146.194
23.227.147.130
23.35.236.201
23.75.240.210
2600:1f18:6593:f607:76e2:e824:b454:65c8
2606:4700:10::ac43:db6
2606:4700::6813:ac6c
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2006
2a00:1450:4001:811::2003
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c08::9b
2a02:6ea0:c700::19
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f067:e:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:90c0:41:2801::254
2a04:4e42:400::300
2a05:d018:24:b002:32a0:48fa:dc36:ac0b
34.111.131.239
34.255.204.3
34.98.67.61
35.169.179.244
35.211.178.172
35.227.248.159
35.227.252.103
37.157.2.236
37.157.2.238
37.157.3.29
5.178.65.245
5.178.65.253
51.15.145.115
51.68.39.188
51.75.86.98
51.83.220.94
52.213.127.205
52.215.200.154
52.57.150.20
52.95.115.255
54.166.21.101
54.229.168.160
54.74.201.126
62.149.18.58
65.9.66.128
65.9.66.97
66.155.71.150
67.202.105.31
69.173.144.138
69.173.144.139
69.173.144.165
69.192.160.219
72.251.249.14
77.123.132.42
79.125.65.240
8.2.108.175
8.2.110.206
82.145.213.8
85.114.159.118
88.212.202.52
91.210.190.92
01b1514d33ffa7037e363e2ce1e04fbc1eb5ae07ed1871685142261070f28546
03aaeb0a1bb3515fd632616ae6cd3ed1dc0155e9860646cbf518e7547f887b58
04b36d5defc153b6c8ab0d130684f01eb484c98c29f8df379bf015c24d5f9dfb
05f1be10987e6c7de2d4e0f7bb623161fd090825338ac42d709f400840d6d168
074691f1175a4040f292124afbff0c87cd24290b7b9672577f33b7c7de205384
0af3b5f1b3525eb435c6c18b464a06700807890793fcbc2eef5d3f24487791f0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cc7088b335b30f7b1fa0903bc8aa143b11cb8408032d62d28d5ab768cc68c88
0dc2a95d49f4854773ee37f6c1168a9e90d639f81b882b0327f490c291a9cfa3
0e1f8ae81889e837e923d788176d1ffb9a5b8b766a45e699326a8d5b6e9a5686
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
11c86c8b7cdf23a13f34844db7257390f005ed0747a6e9e69f9efcbe32f23b67
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
140666625531e941e900caa4637eb21c39c9c812865382ca1ee0ceb764901502
148da672760464ad3ef5260e94c03ec082f83b74969b414f3604dac43a4c3fb5
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
15b25322c978807eb0a01f7831091fd4b9add03a28f48236d309b42050a1aeac
16089cad50034af52ebca1e2e7c310f76b4b6f625b89ad07d5b59ff377f332b0
163ea8142b50e59a0f45a83e14ad5cc51ec2fff2635c48772cab915dfd36a2d5
1768beb7d8e10f67c29161075427c54f8125c87cfcc8538d7a8e206ec1487f4a
1780dff128a6c49fe8002a7620843d05f1a9ad705ecf8ca53ea800b8999e3c88
17cbb5ff7abf82890eacd6dd6cdfaf4ea2e7f6dcd3dea4082d8cd3b290e251ee
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a1b4b9b38d688aa69c05536280627eb785e470bcb2fff52a256c301dbda5873
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1c25aef47c67b97e59beabef6f8710905a2cfa67f9579478ebde8bee5ffb57d3
1cb44bfedc8fadd2d8900b325e7bebff8d2e5a8edcc86a827076be994c1d7e72
1dd7796d72b2353ca592f216dca81af1aff9eed564a0c1ed5d7555af6f3bb34d
2105b3117a3f1242e265395522632005ea6ee5200ea25cb3650300912832bea9
234974ef7ff86c2e11dc738796ccf88501649f864fad7d2d30b45f10211cb8c8
2364e3bf74552def676f1c5086eca57ad57ea116854a53d324d59ae503c4c05b
2433011b3f479c5c59bd3f6ea6ed6ba3ea78f8fe002bbdac271ba0078b0a4f81
2590c37a8df25d2ec796796a32a393e14a7fa4b5d6edd5529f6c05d4ec0b2692
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
28d7c84902b2f125d9a2dc6cae91b79c4fc83524733617606261dd805a87f599
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2cc94c8531f5ea5e83fe64e0efbbf6563f5d5821af92e791998ac7a7b388d386
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
306d5342ca0b82a5881ce148bbd99134d736d0fa462a683e56503801e36fdd93
3094f576eaf7398523dea0d1067afc0889f1d79b204090bc452227213e6eb495
318386abe430572a09f20f0de11cf2d1a0158db3953a47e2a1db7bdc1334a87f
3199170b3f1d84f8dc1ba6c4f88d65ff2f316b51b67127673ae2b567f8b43696
31e6b8019484be676484285edd74778b774a84a2d5514f6da1439f3746ad56fd
36379329b7142ab0e3a09116bd4b40f12307b589838697f98b10e8354e995f21
37f0e8589907a886fc7991c2572ce2ca60afa60cad8b1d46495bf6aafc735e46
3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3
3df4dcfff12a085fde3db45a708fbec81151d0a406dbcb9a8674fe9a7926c70f
3e25b0478e495776aeb31dbca4c92a9bffbad68161f91e261ef88aaf4ea2dd71
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f9d2b13bd7e7c42fb66b1809b53f882444ea82f853a18f8295913ce0f920dab
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ff4dbe77447bf06729584e2541ed7d8a7ba8fe95355ea95de66bbd90fb0fc01
406884d390cd6a3aa38b68d0e3c31bdec0139a73b68cd17e6fea9d4cb63ad1cc
440ed3b0553bf55ca74b909ed47f50af6152ea4cdd32738fb291ec639f9eec5f
441d564165f2937c9f4ab097b5ba6ce76635bde0d28546d891b8cb235dbe9710
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
44f29f57d85acfe9a211e77308edb77f93943c07191ec4531bd52f05000c3530
44fe3c928a3046415e4d420877c728ab13598e78c3e0e0b2fe14a1e0c942d7ee
46b0ef7e741ff491d90a9e9fb67bba81f023ff2b07d488fbcda68732a7a7dc26
46cda8809a5a0fc58808ff6bfc903b67f678b9d52a672f549070d0caf775e856
4803ca05bf5d01dbd812e758881dc7cae6344da06c0fd9d19d42a341409a61e6
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a022ea00ec5e520fa6a35b04699c1abe95a85c768e2f4d586da157f554a918c
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4ad0a1d9bb20358be18ad374a563021cb030d5d7ef1d1fb52c05a187340bce6d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
518044b9079d6b70b8997035cc0d9b69d8e578f1b2ec43c8cc06e819f58857a1
548e4669812ab53bae5e50eee71c0d6d951b6dd8e5176cb8c08c36ce3dbf37d3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57bad8607901d7cc20260262a8063a7b88d2b61cab3e6850f73b52cd1c716ab9
5b049d0f6436072f525c65c4bc093f2ae446773114f7dcf1140d10c2430d6a84
5b3e5509e3dde58324f9a444c392931e6778b1b90543ef76bc6030352316750e
5ba9bb6f2a3c2671b407883d6e3114ac5c9dce1ee9a7bce4f964586cddcbf9ec
5cd6779b66096d933e11cb58fb6ea48cfb07eb6336707a24c2a7d3e722ca473f
5cdb4d6ddd0b7546060e89e7b41ce0286543bc52498adbfe0a727cb8dfeffbd5
5f71fcc2d00d22ffd4d9a07b64c435f88de80893f838fa64a45c386cbba0c601
5ff6a43ed2b802139092338f5178875c1563ccfee4057256cbf566f1e510ac68
61993b10e55e3f95218821fe7004ac69af070de5d270b41facdd53773a3ffd69
61bdfd54a6b568d5a806fc9347514ca721b887d02f7458bb3b0a15165e9b2612
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
641f868e8046a0df91150d538385b89a10efcd41c7da0a8ae180d68f725ab8b1
64a30eed5ef4a2b99ad87961c11feea289400aa8c202c40276b9c1c778d73c70
660f1ec2ca083ed857b96387b81608a1baa10a8556f36b943ed68c96945e24d1
67d7a82a322e3a332f92cdcec5040afab8f9ee7ab6f7442ffeff45475a4e8ba4
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
6a6e24280fbfe8eb90a712cef7444e2ad6a52ffed6caab24b022cee3d3e9fb0c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cb706286d335d6c1c71f0dfa2da12a28563585c6184d68b0294a8f976222b85
6dab73e6a021b319c60c2fab97372280f1bc95602abf02e394c565d30d192e8f
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
73bbb7cc64158adba2fd3afd8e8dbf2662e208c1496be4573498e7b64379e213
75954effae614c077f123335adebbcaee0612916f7a6cc377abc6691a4ba9716
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
76833df9b53e2f8a2563d9a2ea0f06dbeca97a6f778ca09eb129091294c6f976
76db83b9b50e9772924e717f90cc6eda60114965d67aeb13e567785425b1d553
774c91a7d60c937e37f977e6138e18040aca9ec06d44d7df4f0f64735fb06d33
776ecaf919fd0a84f66e632f224c9105c5f84c1ff505d1ac48ab712063db8bfc
7b4d1103881ab556c8c71d75cf702936bd980f2f83434abbb42d359b93d22ef4
7f185850a63082bfd87106346504adf29129d702cb4e4895423fb13c0a4ec5e2
7f8f891d36bb0286acc05effcc6208dcbdbfa25781343bc89dc4c5059a35a5dd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d766b83a1808e5516c2d064d53d52bd58d2bf6ea05e99e865e2d012c9cd59f
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
84fb7c77dd0c26c67d067b5ab60856ed7f3cb54c828290cb791382f54d3ddac3
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e
87a1a8495c4cc16934a35c1fde4d6941f28ba3e6c6b741a2a779a62499d0acba
88a590e51779b887e7b9f870990da99b5b7535a977e3b24bbabbaf5582a8f04a
89569f7b8efe5db3fadb9f6d91fbcd54bca84c94d4364bf17e8e1245c6359773
8a08cb864af8c4a6ef3e24802901f7874e0c114c820c1c18bc09abeab75f6fe6
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b2ab6a7fe3ae86fb84fb7cebcf072592cef358bb73db32fdf2acc0758d63539
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
8f4b262ea13458af3f7508f3c93ac3589bbc01793104d9bfc041de85fcef79f2
8fd980eb0bdafd95bbee0e8c7a44552d6ecaed72f6efa790de83c110af020501
9085e1f699b839818a039641053e183e0b22407d6bfaef8d5a3866ec42d682b3
90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d
920d588fa5746f93237314e13809e064c996e409f3b5c3377766a71c0d9be283
94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7
972a70d6d0753c1c3f97528bb2aa2b44af896bdf353aed8b33cccd940ef56509
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99507b31a0efe2b33d28b8eefe8aab9c7a38fb3a22ac8bd5a6732b515ed72c37
9aa61753ac09aded0f140b16f4ec5c0fab0fb86a1ff7c90957a97af2acd88967
9b9ff8a452929637abe720ab68d6c766dadbb975414c8914f2dc81d1b45f5a8e
9c79af78cb324a3ca6c879d38313c4eb4025972decd05170d88f4b486f43acef
9c7cf441bc6f44b8368e0f4c21e2707d49278859029f0e77240d294a75667827
9d1d2b43646e9c1a1e891a14365f18636d2562b160e948e2bd8071f739f8b58d
9ff4ebc9a9306942803d8c835dd2a42a76c18b3d8f1786e4d2ae77fd60a6c3b1
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a29306e7be8b3e743bf8a8431491142e215bf9bb31a004b13f591a4e1c9acc06
a3d9317a1b8c2aa2fb35ecb3abb1915d33bb75665a78cc9b9d04f41064600d93
a46e02aed78b4773f4039ad8807da53fed0c2384a53b5e2afe6ad6ada85d4336
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5a4d7ec31e1eafeba8c3ab6589cf8b8b2b624b4c1afb7a62428aff04ada249e
a7d5480dda0053c5009b34a22884c2a650ba2e2ccaf87bba0c84f103eb509246
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa2e6d7260e270393b7b3f3426f0c8217e6eda69d9fbe7bfaf07de071cfc024f
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
afb83ff583bb444deeb887ca1f8ebc6b04319bc0308fa0c9e37b6245ea8ed94d
afda10fafc647ea69a91f7b600bc4ad3aba137a85e56ef06ebc6e3719c4a566c
b0bb98c255be9c76f9799402dc0e69334836b9c8379813cad207ac40bb4736d7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17abc48cfd1d589ccc9cd0f6b2994aefb51eb4894ebed1d3b10d89ccacb79fd
b238ff3fb792b2efa823989c3273b89670a87da10632d6be9c81c43206f86fdf
b3d07383eaafa1a28161e0d58a2cce46a6adb2836603eea46f3676b54cc0cd49
b45c62c7ea907efdd19b2ba950d0a8f261a514e34195a1e3b547ba8876b83862
b4e3a79bbf99c23453d9338743a57fafbba83324090047a917c829dcaf197896
b6c4442649280faf20691f640524bfa6550e83d8db6e24675867e5286d9bf4b3
b70792bb33bc130c991a1376be7bbeab42e3f61119f7d5c3eb76b1a02029d63a
b70c6c2ed793b5c4a9e9a7d543b489f810cfbcfba4fa326fc5730d2291fc5e38
b7c43fd75a6ed3a267427a714feebb9a1e4ba350dc540ffb2cddb472ac27bc25
b7e5ab084476a2d5ae085f716853c4bcf1957af34744401685a328c83dc86a4c
b9bc4e3f6fb7579103ca8810697b0ebd49372c6dd616f3fee4a3027524156b48
ba5ffcbfecd11aa47e6133e8737d5869646ec8c7398e4669909d8001b0ef00b9
bf4fec7df3fa372e5e966e3c055ce74eedafd8259b2e4d72449150b389254304
c0592d1c43cb957f92dbb1ff08240a1c8faabc1eeb9e7186be2ce918dfd53da6
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c282164cdf8f7d9d7bd651c33b2f9823f515021ae2a42ba87017b065edc944a2
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02
c4c94bfc77d541d14b3115d72ce6c584fdad7a227f790194324bd85b8a5950ff
c5525d7e2a582b22a4406e463c27f0ca5dcfdb91fd221f05af6e3f66274bcccc
c60b208453d6f3aa42119a08c2aa3719ae78fe707aba0e6dbf67fff70c47d769
c711092f3482c9574a7540014b20d7ef1e5c71f5de35c0aaebaa3692208599ab
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a
ca40cfa00bab0f2ca8c6c551585753463dfab71e2a956b1cd1cd0673b3c68079
cc9a52a10362d8baf48434b7d3ac2e081d84ddbe21ae0f52e3c0d9911d61e182
cf859ca07602dc19e53c64acc662a6683e412cdfa8dc0c16e93534aa1718be90
d2093b6d0102bc97c13782276f88258dc5e5996f6c5bb7da4e7b828437194cf0
d32b16e63147d591c68210d3bd219c74cca0a21444e37e8f1d678f68b2ac4c7f
d485c4dc543229efe5d97016e8b0efec6824111dbc9aca88d586ece94fa7ab11
d57b72eab46863e9c71c04589510c2e4b8e68d928f054421bddc11b8a0102a02
d7305ae60000c255800d67100edf03d249fff76313f57d673e8b7c66a31afbff
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
dccaeb8aa4f4c779e6d9f2b0d51445b928b8f3d5275f673ea8f9559348dbe612
de196fa938446c7486bcecc14b72919df6f78871a4af22c4f168a2785a0139ff
df54910144f36c8adaea680ebf82cd4f3a39147edaa8eb4a2650b2996da8acf1
e222ff7225e68bf42e9fc1cc841dd256b391daffb3fddf263b2c5ac916f4b3f2
e2cbfcacc9d5d0f8871ee8f217873a4dc579c80403940429af11fbe2ec021b12
e3a16bbf4914a49b1afe816e119c7da2d731dead9167c01d07984ef323e26bfa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47e3520a08c6e282f35b755ac5b525000a05fe172e48c1c8e9eb3d7d680d356
e4a4316ad52930ac608e1d3b7c332b65fe598402eb7931cf00de6d9327bce5f6
e4ff7c94b39d2917f7a4698ad6fb513e2d832716a88f8187da948aef42dbefcf
e58dd6001ec35b05f71949fda9688eaf3a6a9e01a60f07b7bc99dd030485735c
e652f06b7fec9dd26e98b41e48c670bca0565eaf07413c6198857d5593949155
e760cc70aa82d03ecbb3f7c1a228e2229dbaa94b232c230fcaee2ae2b4aa7e8a
e77074927673ee280742cc1fe5b0dcc1573c46a62cba02241540e3c9306ead1f
e8245a4af634c8918a1d78337182ed979dcc678ecb616f45172dea7803692f48
e82a908d850b5739ee42862df40ebf15e164bbff47449691e8b696cd910da9f8
e85b584b39efc9c6ff80e1c261d8bcd1b022aac3a589b602811a7111bdf8e0c0
e88a4615ec9f68f26914eea185182b586a1341382254b50acb70438a6da3d837
eb49762bac0f22b332fc93eb47e3e4799e052b05f07073b8be9f1616baf75162
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ee696b794dc9fce2b6a169ba7ba59216c21715aef65897f4df19020d3ca26c82
eeb67fa059853b066262d0f25d8d93abadd93bbd890474414c3cf77a7554daba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efeb239e90e03f1c98f6b5e6b9c46f8a3f546e933b8ebed3134e36d84d24df75
f0a644a176192dac8c71e5e45fc76a2843dbffefd9e51816a371da02fadd1b0d
f0caa9d92eaf74f0d6486888d5dffce099f088c30f6e5a567e3d58ef88e3c41a
f1e60fb129ced9eebf273d236b7a8d47a98fa7a063d6c607727c82b699a24fb1
f32f2c6ae994c6281a3a6b532e38957c475a705737e72d4d5ca2542167f74241
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60
f470890abb6f3f3a73f8137cfefe750e432fb04462995192c7388ea1c7e4fe8b
f4726e859dd2230293e1d3b48e9432dbb22afd5ee9672b5318258b53803c580f
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f8b5e9ccd182fecd4fddec539b4cf581c96c3ce033fccbf73c727961a3613811
f94fac4a3eb3855941efbd4014d8a8e46ba6304e10e3e798bae5dbe6a13b251e
f976f171923cc1ae4aad0617193dfca0addd7f4211cee228a0fe2738c120e097
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
ff35b309bbb94f7d46d2df30a901f7a149160bf2c62395aadaac4d81fbfc7003