www.zdrave.net Open in urlscan Pro
193.107.36.30 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%...
Submission: On May 21 via manual (May 21st 2023, 4:15:31 pm UTC) from BG — Scanned from DE

Summary HTTP 103 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 14 domains to perform 103 HTTP transactions. The main IP is 193.107.36.30, located in Bulgaria and belongs to SUPERHOSTING_AS, BG. The main domain is www.zdrave.net.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 22nd 2023. Valid for: 3 months.

This is the only time www.zdrave.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 42	193.107.36.30 193.107.36.30	201200 (SUPERHOST...) (SUPERHOSTING_AS)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:4f:1... 2620:1ec:4f:1::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c02::9b	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2 15	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a03:2880:f12... 2a03:2880:f128:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
103	23

42 193.107.36.30 (Bulgaria) 1 redirects

ASN201200 (SUPERHOSTING_AS, BG)
PTR: server25.superhosting.bg

www.zdrave.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdrave.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:4f:1::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f128:83:face:b00c:0:25de (Sofia, Bulgaria) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	zdrave.net 1 redirects www.zdrave.net zdrave.net	626 KB
24	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 tpc.googlesyndication.com — Cisco Umbrella Rank: 132	317 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com	319 KB
10	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 76 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 static.doubleclick.net — Cisco Umbrella Rank: 245	115 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 68	2 KB
2	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 102	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	106 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6080 adservice.google.de — Cisco Umbrella Rank: 9037	939 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 157	89 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 902	600 B
1	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 952	211 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 817	7 KB
103	14

	Domain	Requested by
41	www.zdrave.net	www.zdrave.net
15	tpc.googlesyndication.com	2 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
9	pagead2.googlesyndication.com	www.zdrave.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
3	static.doubleclick.net	googleads.g.doubleclick.net
2	www.facebook.com	1 redirects connect.facebook.net
2	www.gstatic.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.google.com	www.zdrave.net tpc.googlesyndication.com
2	connect.facebook.net	www.zdrave.net connect.facebook.net
2	www.google-analytics.com	www.zdrave.net www.google-analytics.com
2	fonts.googleapis.com	www.zdrave.net googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	www.zdrave.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.clarity.ms	www.zdrave.net
1	maxcdn.bootstrapcdn.com	www.zdrave.net
1	zdrave.net	1 redirects
103	23

This site contains links to these domains. Also see Links.

Domain
twitter.com
zdrave.net
www.facebook.com
mediamonitoring.zdrave.net
www.linkedin.com
plus.google.com
child.unihosp.com
bba-bulgaria.com
none.bg

Subject Issuer	Validity	Valid
zdrave.net cPanel, Inc. Certification Authority	`2023-03-22` - `2023-06-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-28` - `2023-05-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442
Frame ID: D4AB16248CE14CE17CD8DC968103CFD5
Requests: 61 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230517/r20190131/zrt_lookup.html
Frame ID: 019CCFA16CA38FEB9CCCDB234CDFD4CA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9342365088706924&output=html&adk=1812271804&adf=3025194257&lmt=1684685728&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fwww.zdrave.net%2F%25D0%259C%25D0%25BD%25D0%25B5%25D0%25BD%25D0%25B8%25D1%258F-%25D0%25B8-%25D0%25BA%25D0%25BE%25D0%25BC%25D0%25B5%25D0%25BD%25D1%2582%25D0%25B0%25D1%2580%25D0%25B8%2F%25D0%2594%25D0%25BE%25D1%2586.-%25D0%25A8%25D0%25B8%25D0%25BC%25D0%25B0-%25D0%259C%25D0%25B5%25D1%2585%25D1%2580%25D0%25B0%25D0%25B1%25D0%25B8%25D0%25B0%25D0%25BD--%25D0%259F%25D1%2580%25D0%25BE%25D1%2583%25D1%2587%25D0%25B2%25D0%25B0%25D1%2582-%25D1%2581%25D0%25B5-%25D0%25BD%25D1%258F%25D0%25BA%25D0%25BE%25D0%25BB%25D0%25BA%25D0%25BE-%25D0%25B0%25D0%25BD%25D1%2582%25D0%25B8%25D1%2582%25D0%25B5%25D0%25BB%25D0%25B0%2C-%25D0%25BA%25D0%25BE%25D0%25B8%25D1%2582%25D0%25BE-%25D0%25BF%25D1%2580%25D0%25BE%25D0%25BC%25D0%25B5%25D0%25BD%25D1%258F%25D1%2582-%25D1%2585%25D0%25BE%25D0%25B4%25D0%25B0-%25D0%25BD%25D0%25B0-%25D0%25B1%25D0%25BE%25D0%25BB%25D0%25B5%25D1%2581%25D1%2582%25D1%2582%25D0%25B0-%25D0%25BD%25D0%25B0-%25D0%2590%25D0%25BB%25D1%2586%25D1%2585%25D0%25B0%25D0%25B9%25D0%25BC%25D0%25B5%25D1%2580-%2Fe18442&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684685726428&bpp=4&bdt=266&idt=182&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2850284753973&frm=20&pv=2&ga_vid=1662213786.1684685726&ga_sid=1684685727&ga_hid=905518872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31074468%2C31074687%2C44772268%2C44782467%2C44788441%2C44789923&oid=2&pvsid=2697168977454759&tmod=126661760&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=218
Frame ID: BB97E8F4DB9ADD83A401AED0374BA0F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9342365088706924&output=html&h=90&slotname=4277830557&adk=621980329&adf=921206747&pi=t.ma~as.4277830557&w=728&lmt=1684685728&format=728x90&url=https%3A%2F%2Fwww.zdrave.net%2F%25D0%259C%25D0%25BD%25D0%25B5%25D0%25BD%25D0%25B8%25D1%258F-%25D0%25B8-%25D0%25BA%25D0%25BE%25D0%25BC%25D0%25B5%25D0%25BD%25D1%2582%25D0%25B0%25D1%2580%25D0%25B8%2F%25D0%2594%25D0%25BE%25D1%2586.-%25D0%25A8%25D0%25B8%25D0%25BC%25D0%25B0-%25D0%259C%25D0%25B5%25D1%2585%25D1%2580%25D0%25B0%25D0%25B1%25D0%25B8%25D0%25B0%25D0%25BD--%25D0%259F%25D1%2580%25D0%25BE%25D1%2583%25D1%2587%25D0%25B2%25D0%25B0%25D1%2582-%25D1%2581%25D0%25B5-%25D0%25BD%25D1%258F%25D0%25BA%25D0%25BE%25D0%25BB%25D0%25BA%25D0%25BE-%25D0%25B0%25D0%25BD%25D1%2582%25D0%25B8%25D1%2582%25D0%25B5%25D0%25BB%25D0%25B0%2C-%25D0%25BA%25D0%25BE%25D0%25B8%25D1%2582%25D0%25BE-%25D0%25BF%25D1%2580%25D0%25BE%25D0%25BC%25D0%25B5%25D0%25BD%25D1%258F%25D1%2582-%25D1%2585%25D0%25BE%25D0%25B4%25D0%25B0-%25D0%25BD%25D0%25B0-%25D0%25B1%25D0%25BE%25D0%25BB%25D0%25B5%25D1%2581%25D1%2582%25D1%2582%25D0%25B0-%25D0%25BD%25D0%25B0-%25D0%2590%25D0%25BB%25D1%2586%25D1%2585%25D0%25B0%25D0%25B9%25D0%25BC%25D0%25B5%25D1%2580-%2Fe18442&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684685726432&bpp=2&bdt=270&idt=217&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2850284753973&frm=20&pv=1&ga_vid=1662213786.1684685726&ga_sid=1684685727&ga_hid=905518872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=670&ady=45&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31074468%2C31074687%2C44772268%2C44782467%2C44788441%2C44789923&oid=2&pvsid=2697168977454759&tmod=126661760&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3RVY0gBRpH&p=https%3A//www.zdrave.net&dtd=222
Frame ID: 1B56EB65D51F1DEFA4BF3BE3DCCEA7E5
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9342365088706924&output=html&h=280&slotname=8447686695&adk=261382394&adf=1233009936&pi=t.ma~as.8447686695&w=336&lmt=1684685728&format=336x280&url=https%3A%2F%2Fwww.zdrave.net%2F%25D0%259C%25D0%25BD%25D0%25B5%25D0%25BD%25D0%25B8%25D1%258F-%25D0%25B8-%25D0%25BA%25D0%25BE%25D0%25BC%25D0%25B5%25D0%25BD%25D1%2582%25D0%25B0%25D1%2580%25D0%25B8%2F%25D0%2594%25D0%25BE%25D1%2586.-%25D0%25A8%25D0%25B8%25D0%25BC%25D0%25B0-%25D0%259C%25D0%25B5%25D1%2585%25D1%2580%25D0%25B0%25D0%25B1%25D0%25B8%25D0%25B0%25D0%25BD--%25D0%259F%25D1%2580%25D0%25BE%25D1%2583%25D1%2587%25D0%25B2%25D0%25B0%25D1%2582-%25D1%2581%25D0%25B5-%25D0%25BD%25D1%258F%25D0%25BA%25D0%25BE%25D0%25BB%25D0%25BA%25D0%25BE-%25D0%25B0%25D0%25BD%25D1%2582%25D0%25B8%25D1%2582%25D0%25B5%25D0%25BB%25D0%25B0%2C-%25D0%25BA%25D0%25BE%25D0%25B8%25D1%2582%25D0%25BE-%25D0%25BF%25D1%2580%25D0%25BE%25D0%25BC%25D0%25B5%25D0%25BD%25D1%258F%25D1%2582-%25D1%2585%25D0%25BE%25D0%25B4%25D0%25B0-%25D0%25BD%25D0%25B0-%25D0%25B1%25D0%25BE%25D0%25BB%25D0%25B5%25D1%2581%25D1%2582%25D1%2582%25D0%25B0-%25D0%25BD%25D0%25B0-%25D0%2590%25D0%25BB%25D1%2586%25D1%2585%25D0%25B0%25D0%25B9%25D0%25BC%25D0%25B5%25D1%2580-%2Fe18442&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684685726434&bpp=1&bdt=272&idt=224&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2850284753973&frm=20&pv=1&ga_vid=1662213786.1684685726&ga_sid=1684685727&ga_hid=905518872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31074468%2C31074687%2C44772268%2C44782467%2C44788441%2C44789923&oid=2&pvsid=2697168977454759&tmod=126661760&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=j1sHmZ1tyj&p=https%3A//www.zdrave.net&dtd=228
Frame ID: E0F44D8568C332272D6A4469E2466C1E
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js
Frame ID: 96D0A6C385F406D65DE129BC2B83E86D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df4e8f7410b401c%2526domain%253Dwww.zdrave.net%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.zdrave.net%25252Ff631149cf0cd0c%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FZdravenet-102162099889218%252F%253Ffref%253Dts%26locale%3Dbg_BG%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dfalse%26width%3D300
Frame ID: BAA062C104D605D0AC1BD2BCA12D2A38
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js
Frame ID: 35FA6DE3C8611E4306AE9678EE38FA98
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 092FB4AD0D62E5F782804E05B0103138
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 225E020AC9495C994536324B3FEFBB09
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новини - Доц. Шима Мехрабиан: Проучват се няколко антитела, които променят хода на болестта на Алцхаймер

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

103
Requests

97 %
HTTPS

95 %
IPv6

14
Domains

23
Subdomains

23
IPs

4
Countries

1605 kB
Transfer

3050 kB
Size

8
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/NetZdrave

Search URL Search Domain Scan URL

URL: https://zdrave.net/news.xml

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Zdravenet-102162099889218/

Search URL Search Domain Scan URL

URL: http://mediamonitoring.zdrave.net/
Title: Медиен мониторинг

Search URL Search Domain Scan URL

URL: http://zdrave.net/
Title: Начало

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442&title=%D0%94%D0%BE%D1%86.%20%D0%A8%D0%B8%D0%BC%D0%B0%20%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD:%20%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82%20%D1%81%D0%B5%20%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE%20%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,%20%D0%BA%D0%BE%D0%B8%D1%82%D0%BE%20%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82%20%D1%85%D0%BE%D0%B4%D0%B0%20%D0%BD%D0%B0%20%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0%20%D0%BD%D0%B0%20%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80%20&summary=Zdrave.net

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442

Search URL Search Domain Scan URL

URL: http://child.unihosp.com/

Search URL Search Domain Scan URL

URL: https://bba-bulgaria.com/

Search URL Search Domain Scan URL

URL: http://none.bg/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://zdrave.net/images/icon.png HTTP 301
https://www.zdrave.net/images/icon.png

Request Chain 72

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDP7NvoqwEQ4AMY4AMyCLnoeCyepQ3L HTTP 301
https://tpc.googlesyndication.com/simgad/13693739128686457384

Request Chain 91

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODc6om8ExDQDxjQDzII2HgXJ68Yfk8 HTTP 301
https://tpc.googlesyndication.com/simgad/2922712648441191968

Request Chain 93

https://www.facebook.com/v2.8/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4e8f7410b401c%26domain%3Dwww.zdrave.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.zdrave.net%252Ff631149cf0cd0c%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FZdravenet-102162099889218%2F%3Ffref%3Dts&locale=bg_BG&sdk=joey&show_facepile=false&show_posts=false&width=300 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df4e8f7410b401c%2526domain%253Dwww.zdrave.net%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.zdrave.net%25252Ff631149cf0cd0c%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FZdravenet-102162099889218%252F%253Ffref%253Dts%26locale%3Dbg_BG%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dfalse%26width%3D300

103 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request e18442 Show response
www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D... 62 KB
16 KB 390ms
168ms Document
text/html 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache / PHP/7.0.33

Resource Hash

f5d33843676c056c526519807e3b3a50fce4b3b1d28a3e496e211d281be7e2bb

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 16102
content-type: text/html; charset=UTF-8
date: Sun, 21 May 2023 16:15:28 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Sun, 21 May 2023 16:15:28 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/7.0.33
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 42ms
17ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans|Noto+Serif

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

838478d625f1201ef42210a07b0a252919587d9e0aaa79c25dc47409e58f611f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 May 2023 16:15:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 May 2023 16:15:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 May 2023 16:15:26 GMT

GET
H2 200 default.css
www.zdrave.net/css/ 1 KB
591 B 38ms
36ms Stylesheet
text/css 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/css/default.css?version=3.2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

f449d1503fabfc8367b7e1698ae3d62c4a5b4c1cd88fe05d0b00881d6fcbb0c8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
content-encoding: gzip
last-modified: Wed, 17 Jul 2019 07:03:29 GMT
server: Apache
etag: "7ae0a3e-432-58ddb172a1f9f-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 499
x-xss-protection: 1; mode=block
expires: Tue, 20 Jun 2023 16:15:28 GMT

GET
H2 200 jquery-latest.min.js Show response
www.zdrave.net/js/ 94 KB
33 KB 70ms
68ms Script
application/javascript 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/js/jquery-latest.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
content-encoding: gzip
last-modified: Wed, 03 May 2017 08:52:15 GMT
server: Apache
etag: "7b00c79-1762a-54e9ac5dbcdc0-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 33225
x-xss-protection: 1; mode=block
expires: Tue, 20 Jun 2023 16:15:28 GMT

GET
H2 200 menumaker.min.js Show response
www.zdrave.net/js/ 2 KB
612 B 38ms
36ms Script
application/javascript 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/js/menumaker.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

a2f9715182c9ec076818f9f7c3291f1d03da74d0edf4a12f7c69d62fa65481dc

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
content-encoding: gzip
last-modified: Mon, 01 May 2017 11:57:22 GMT
server: Apache
etag: "7b00c7f-643-54e7520346c80-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 550
x-xss-protection: 1; mode=block
expires: Tue, 20 Jun 2023 16:15:28 GMT

GET
H2 200 script.js Show response
www.zdrave.net/js/ 172 B
306 B 36ms
35ms Script
application/javascript 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/js/script.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

a5a177c215b89cccf0a6dc99c27e896853a287f0e822ff64682fe36a8e16d405

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
content-encoding: gzip
last-modified: Mon, 01 May 2017 11:57:22 GMT
server: Apache
etag: "7b00c82-ac-54e7520346c80-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 165
x-xss-protection: 1; mode=block
expires: Tue, 20 Jun 2023 16:15:28 GMT

GET
H2 200 bootstrap.min.js Show response
www.zdrave.net/js/ 27 KB
7 KB 39ms
38ms Script
application/javascript 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/js/bootstrap.min.js?ver=1.2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

fc1d94f50dd3822e1e53cb96af4f040d2ad8b5c7b984bae5e84efc7641acfada

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
content-encoding: gzip
last-modified: Mon, 01 May 2017 11:57:21 GMT
server: Apache
etag: "7b00c78-6cae-54e7520252a40-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7283
x-xss-protection: 1; mode=block
expires: Tue, 20 Jun 2023 16:15:28 GMT

GET
H2 200 c.js Show response
www.zdrave.net/js/ 7 KB
2 KB 38ms
37ms Script
application/javascript 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/js/c.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

776caf23f2dd61692e8bf8ec85e98407dcdf172758472b2166b12e659853e098

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
content-encoding: gzip
last-modified: Thu, 02 Aug 2018 13:05:25 GMT
server: Apache
etag: "7b0023d-1a2d-5727376e9af7c-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1970
x-xss-protection: 1; mode=block
expires: Tue, 20 Jun 2023 16:15:28 GMT

GET
H2 200 jquery.twbsPagination.js Show response
www.zdrave.net/js/ 11 KB
3 KB 38ms
37ms Script
application/javascript 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/js/jquery.twbsPagination.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

0878b7a70b07f41f8dffb16561bb8a07da29a2e21c353e30de2141cd90c298f5

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
content-encoding: gzip
last-modified: Wed, 10 May 2017 09:25:18 GMT
server: Apache
etag: "7b00c7b-2cff-54f280cf19b80-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2745
x-xss-protection: 1; mode=block
expires: Tue, 20 Jun 2023 16:15:28 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
47 KB 94ms
65ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0688cbfdec8ee6107a902952344d60e91f2681c2ba7978733c13d7c392e79707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47337
x-xss-protection: 0
server: cafe
etag: 15937384781044713941
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 21 May 2023 16:15:26 GMT

GET
H2 200 logo.png
www.zdrave.net/images/theme/ 8 KB
8 KB 91ms
88ms Image
image/png 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/images/theme/logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

c3ddaa5eecec0e0081656dd442d14e03fcd302b4400d8b8af9e62d25b27a68b7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
last-modified: Mon, 01 May 2017 11:57:18 GMT
server: Apache
etag: "2861f7e-1f7a-54e751ff76380"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 8058
x-xss-protection: 1; mode=block
expires: Mon, 20 May 2024 16:15:28 GMT

GET
H2 200 rrssb.min.js Show response
www.zdrave.net/js/ 5 KB
2 KB 34ms
34ms Script
application/javascript 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/js/rrssb.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

c6b16c1f0ed9249a4c2c2da6b7ebc2e25aef5998ddb8b311e312a9cfe20247b4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
content-encoding: gzip
last-modified: Mon, 01 May 2017 11:57:22 GMT
server: Apache
etag: "7b00c81-156d-54e7520346c80-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1934
x-xss-protection: 1; mode=block
expires: Tue, 20 Jun 2023 16:15:28 GMT

GET
H2 200 comment.png
www.zdrave.net/images/icons/ 2 KB
2 KB 70ms
67ms Image
image/png 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/images/icons/comment.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

c318714f0ec6a40faa4c30ae5c6beb71661d82568f18565219bfb1550224462f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
last-modified: Mon, 01 May 2017 11:57:17 GMT
server: Apache
etag: "eed5a58-6dd-54e751fe82140"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1757
x-xss-protection: 1; mode=block
expires: Mon, 20 May 2024 16:15:28 GMT

GET
H2

200

icon.png
www.zdrave.net/images/
Redirect Chain

https://zdrave.net/images/icon.png
https://www.zdrave.net/images/icon.png

3 KB
3 KB

41ms
40ms

Image
image/png

193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/images/icon.png

Requested by

Protocol

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

c32886a5d00d2b4761daaa1cabb05eb082e41eb34943699ea64da7b27a8518a4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
last-modified: Thu, 30 Nov 2017 05:53:18 GMT
server: Apache
etag: "7af131f-c3d-55f2cde664f80"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3133
x-xss-protection: 1; mode=block
expires: Mon, 20 May 2024 16:15:28 GMT

Redirect headers

location: https://www.zdrave.net/images/icon.png
date: Sun, 21 May 2023 16:15:28 GMT
cache-control: max-age=2592000
expires: Tue, 20 Jun 2023 16:15:28 GMT
server: Apache
content-length: 246
content-type: text/html; charset=iso-8859-1

GET
H2 200 jquery-1.4.4.min.js Show response
www.zdrave.net/js/slider-images/ 77 KB
27 KB 38ms
38ms Script
application/javascript 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/js/slider-images/jquery-1.4.4.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
content-encoding: gzip
last-modified: Mon, 01 May 2017 11:57:22 GMT
server: Apache
etag: "2861f8e-13309-54e7520346c80-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 27073
x-xss-protection: 1; mode=block
expires: Tue, 20 Jun 2023 16:15:28 GMT

GET
H2 200 jsCarousel-2.0.0.js Show response
www.zdrave.net/js/slider-images/ 11 KB
2 KB 34ms
34ms Script
application/javascript 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/js/slider-images/jsCarousel-2.0.0.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

b86d7688284b356fc73bf814453d2e5f81c3e42403967512a7b51516bb436892

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
content-encoding: gzip
last-modified: Mon, 01 May 2017 11:57:22 GMT
server: Apache
etag: "2861f8f-2d2a-54e7520346c80-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1815
x-xss-protection: 1; mode=block
expires: Tue, 20 Jun 2023 16:15:28 GMT

GET
H2 200 image.php
www.zdrave.net/ 29 KB
29 KB 92ms
89ms Image
image/jpeg 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/image.php?width=400&image=https://www.zdrave.net/ImagesDB/News_18442/1626181978-mehrabyan.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache / PHP/7.0.33

Resource Hash

f1f12216b8d744cd13ba418207fa624ede6557b891760355f09d2869c861e416

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 09:17:19 GMT
server: Apache
x-powered-by: PHP/7.0.33
etag: "f8b251097a6955f421e9be9977910aaf-gzip"
vary: Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 29122
x-xss-protection: 1; mode=block
expires: Mon, 20 May 2024 16:15:28 GMT

GET
H2 200 1626181978-mehrabyan.jpg
www.zdrave.net/ImagesDB/News_18442/ 35 KB
35 KB 70ms
67ms Image
image/jpeg 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/ImagesDB/News_18442/1626181978-mehrabyan.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

13d856669dc58286db20494f69beb7ad68923c4b5e5efb0b12aef8914c5d5151

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
last-modified: Tue, 13 Jul 2021 13:12:58 GMT
server: Apache
etag: "7fe038a-8b08-5c700ff239b82"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 35592
x-xss-protection: 1; mode=block
expires: Mon, 20 May 2024 16:15:28 GMT

GET
H2 200 1684506459-I_Indjov.jpg
www.zdrave.net/ImagesDB/News_26041/ 30 KB
30 KB 90ms
87ms Image
image/jpeg 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/ImagesDB/News_26041/1684506459-I_Indjov.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

c773b91e26daea237aa7ca4b8319ef795589bc46983732ec485694138a95a384

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
last-modified: Fri, 19 May 2023 14:27:39 GMT
server: Apache
etag: "ca6055e-7843-5fc0cb92ac746"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30787
x-xss-protection: 1; mode=block
expires: Mon, 20 May 2024 16:15:28 GMT

GET
H2 200 1684652370-us_paramedici.jpg
www.zdrave.net/ImagesDB/News_26049/ 44 KB
44 KB 69ms
66ms Image
image/jpeg 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/ImagesDB/News_26049/1684652370-us_paramedici.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

c1af62cdf1f4e8fc4d90e9111efba5d616ab38f1ba50df1edfd180dc47051828

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
last-modified: Sun, 21 May 2023 06:59:30 GMT
server: Apache
etag: "cb202d9-afe3-5fc2eb21d45ae"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 45027
x-xss-protection: 1; mode=block
expires: Mon, 20 May 2024 16:15:28 GMT

GET
H2 200 31_camp.gif
www.zdrave.net/bannerInside/ 105 KB
106 KB 37ms
34ms Image
image/gif 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/bannerInside/31_camp.gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

5ab8a6d729d40258c07b55b51f4ee107727ac32c83f2475f875ad48cd0dcee9e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
last-modified: Thu, 21 Nov 2019 14:17:11 GMT
server: Apache
etag: "7ab05e4-1a583-597dbf4054a4c"
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 107907
x-xss-protection: 1; mode=block
expires: Mon, 20 May 2024 16:15:28 GMT

GET
H2 200 16_10_bba-1.jpg
www.zdrave.net/bannerInside/ 82 KB
82 KB 89ms
87ms Image
image/jpeg 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/bannerInside/16_10_bba-1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

84b871d5eb4a2dcc2a79dcddc492dfda7e095066914ef8e7fd481c2a31ffa9c8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
last-modified: Mon, 24 Jul 2017 12:48:11 GMT
server: Apache
etag: "7ab3904-148c9-5550fa09bf8c0"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 84169
x-xss-protection: 1; mode=block
expires: Mon, 20 May 2024 16:15:28 GMT

GET
H2 200 1678742463-truth_lies.jpg
www.zdrave.net/ImagesDB/News_25334/ 37 KB
37 KB 90ms
88ms Image
image/jpeg 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/ImagesDB/News_25334/1678742463-truth_lies.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

3cdb3d4bd2db19e7cfa2aec8e99af2f61e0ab76c15acc87df782cc231dda1b83

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
last-modified: Mon, 13 Mar 2023 21:21:03 GMT
server: Apache
etag: "ad403ac-9453-5f6ceb0379008"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 37971
x-xss-protection: 1; mode=block
expires: Mon, 20 May 2024 16:15:28 GMT

GET
H2 200 1669288964-apple.jpg
www.zdrave.net/ImagesDB/News_24222/ 41 KB
41 KB 90ms
88ms Image
image/jpeg 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/ImagesDB/News_24222/1669288964-apple.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

ff49ef60cf91b017a1b745c0fd09acce50a695fd20aa0f27a3a60f274c19ad41

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
last-modified: Thu, 24 Nov 2022 11:22:44 GMT
server: Apache
etag: "9920643-a3a8-5ee359fc6adfc"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 41896
x-xss-protection: 1; mode=block
expires: Mon, 20 May 2024 16:15:28 GMT

GET
H2 200 1644924027-pari.jpg
www.zdrave.net/ImagesDB/News_21096/ 49 KB
49 KB 90ms
88ms Image
image/jpeg 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/ImagesDB/News_21096/1644924027-pari.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

498288a8a7c75ee136fca9a5f1e6d2b5c451db4591d91418abfc16d2cfb67724

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
last-modified: Tue, 15 Feb 2022 11:20:27 GMT
server: Apache
etag: "7ff0025-c35c-5d80cb852e78d"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 50012
x-xss-protection: 1; mode=block
expires: Mon, 20 May 2024 16:15:28 GMT

GET
H2 200 1620808033-podpis3.jpg
www.zdrave.net/ImagesDB/News_17635/ 24 KB
24 KB 90ms
88ms Image
image/jpeg 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/ImagesDB/News_17635/1620808033-podpis3.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

09f87e0fec746de870049d9fc6ff4e4edf1126968dce6fd0ca8892f7af2705c7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
last-modified: Wed, 12 May 2021 08:27:13 GMT
server: Apache
etag: "8740299-60f7-5c21dc71bbf2e"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 24823
x-xss-protection: 1; mode=block
expires: Mon, 20 May 2024 16:15:28 GMT

GET
H2 200 none.png
www.zdrave.net/images/ 4 KB
4 KB 112ms
110ms Image
image/png 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/images/none.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

1369787835af869aff7b52ee93d7a13b1f92b3492e9a1f0bf03e32c41d5780e2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
last-modified: Mon, 01 May 2017 11:57:18 GMT
server: Apache
etag: "7af1323-f5e-54e751ff76380"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3934
x-xss-protection: 1; mode=block
expires: Mon, 20 May 2024 16:15:28 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
7 KB 44ms
19ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 940
age: 9220231
cdn-cachedat: 07/06/2022 16:35:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"4fbd15cb6047af93373f4f895639c8bf"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: c2ac29fefd200cd8a80bd09221b23858
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 7cae1e3d681a35ff-FRA
cdn-requestpullsuccess: True

GET
H2 200 rrssb.css
www.zdrave.net/css/ 8 KB
2 KB 38ms
34ms Stylesheet
text/css 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/css/rrssb.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

e6776a7594a2024babdfe16f8085fb1b252f1abee124c62649765fb362aaa7d0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
content-encoding: gzip
last-modified: Wed, 17 Jul 2019 07:03:29 GMT
server: Apache
etag: "7ae0a46-1f76-58ddb172d7719-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1507
x-xss-protection: 1; mode=block
expires: Tue, 20 Jun 2023 16:15:28 GMT

GET
H2 200 bootstrap.min.css
www.zdrave.net/css/ 4 KB
1 KB 37ms
34ms Stylesheet
text/css 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

733714607acfa84239ae2242f87f105f82ca50b77ad89ab5063f6280bbae1d47

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
content-encoding: gzip
last-modified: Tue, 25 May 2021 05:59:37 GMT
server: Apache
etag: "7aec8bc-f23-5c3213b26ad92-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1084
x-xss-protection: 1; mode=block
expires: Tue, 20 Jun 2023 16:15:28 GMT

GET
H2 200 common.css
www.zdrave.net/css/ 1 KB
747 B 35ms
34ms Stylesheet
text/css 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/css/common.css

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/default.css?version=3.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

a52e781c2a4db6781cc86beebc89d121a183b8a48dac796eca08de3b4c0b3260

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/default.css?version=3.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
content-encoding: gzip
last-modified: Wed, 17 Jul 2019 07:03:29 GMT
server: Apache
etag: "7ae0a3d-5e9-58ddb1729aa6f-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 685
x-xss-protection: 1; mode=block
expires: Tue, 20 Jun 2023 16:15:28 GMT

GET
H2 200 theme.css
www.zdrave.net/css/ 17 KB
3 KB 37ms
36ms Stylesheet
text/css 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/css/theme.css

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/default.css?version=3.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

5f298c5f7b81a280b862dbf20a96c7bc4a5956bb3681180b27a505895da08291

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/default.css?version=3.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
content-encoding: gzip
last-modified: Wed, 19 Oct 2022 14:02:12 GMT
server: Apache
etag: "7ae56c2-459a-5eb63a7c7d3e3-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3490
x-xss-protection: 1; mode=block
expires: Tue, 20 Jun 2023 16:15:28 GMT

GET
H2 200 index.css
www.zdrave.net/css/ 11 KB
2 KB 37ms
36ms Stylesheet
text/css 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/css/index.css

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/default.css?version=3.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

fe33791d0ed4232d5f276eb5d3ee5b844128c79cd09722b338e43abed2695b26

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/default.css?version=3.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
content-encoding: gzip
last-modified: Sun, 15 Sep 2019 12:45:30 GMT
server: Apache
etag: "7ae56c3-2b3b-59296dccbfe00-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2163
x-xss-protection: 1; mode=block
expires: Tue, 20 Jun 2023 16:15:28 GMT

GET
H2 200 navigation.css
www.zdrave.net/css/ 5 KB
1 KB 36ms
35ms Stylesheet
text/css 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/css/navigation.css

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/default.css?version=3.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

d3a7933ceea5975f066f9787abf8b060585444d1cb6bf8d8d6993e8421cbe405

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/default.css?version=3.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 11:53:27 GMT
server: Apache
etag: "7ae0a43-15f7-5a0bb1e1236b9-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1406
x-xss-protection: 1; mode=block
expires: Tue, 20 Jun 2023 16:15:28 GMT

GET
H2 200 images-slider.css
www.zdrave.net/css/ 1 KB
467 B 35ms
35ms Stylesheet
text/css 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/css/images-slider.css

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/default.css?version=3.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

396b648d43188cce8b04129d6084ef3581feecde5d7248f6b15621947d57c2f6

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/default.css?version=3.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
content-encoding: gzip
last-modified: Wed, 17 Jul 2019 07:03:29 GMT
server: Apache
etag: "7ae0a3f-403-58ddb172a94cf-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 405
x-xss-protection: 1; mode=block
expires: Tue, 20 Jun 2023 16:15:28 GMT

GET
H2 200 mobile.css
www.zdrave.net/css/ 13 KB
3 KB 38ms
37ms Stylesheet
text/css 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/css/mobile.css

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/default.css?version=3.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

c406a9b6bbf5c1d7a070ca7d6d7c579cb57bacfd8b47c30f9598de88833937bd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/default.css?version=3.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
content-encoding: gzip
last-modified: Sat, 14 Mar 2020 08:15:16 GMT
server: Apache
etag: "7ae0a42-358d-5a0cc2fa93dd7-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3120
x-xss-protection: 1; mode=block
expires: Tue, 20 Jun 2023 16:15:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 21 May 2023 14:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5987
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sun, 21 May 2023 16:35:39 GMT

GET
H2 204 6699u7okzw Show response
www.clarity.ms/tag/ 0
211 B 161ms
99ms Script
text/plain 2620:1ec:4f:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/6699u7okzw
Requested by: Host: www.zdrave.net
URL: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:25 GMT
x-azure-ref: 0nkNqZAAAAADeYsydgd8tSYu7PAJ0GiKQRlJBMzFFREdFMDMxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 google-plus.png
www.zdrave.net/images/theme/ 518 B
575 B 120ms
119ms Image
image/png 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/images/theme/google-plus.png

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/theme.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

28410b7bcdf8824fa405fe091d2f401c5b71e36ee5e431dc6a944cc22464de0c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/theme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
last-modified: Mon, 01 May 2017 11:57:18 GMT
server: Apache
etag: "2861f77-206-54e751ff76380"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 518
x-xss-protection: 1; mode=block
expires: Mon, 20 May 2024 16:15:28 GMT

GET
H2 200 twitter_active.png
www.zdrave.net/images/theme/ 4 KB
4 KB 120ms
120ms Image
image/png 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/images/theme/twitter_active.png

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/theme.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

0aecfb25b75ea853c7bdd9f2ae4620cc1f8f63942127014ff31f28564e006ecf

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/theme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
last-modified: Thu, 10 Jan 2019 14:46:44 GMT
server: Apache
etag: "2862126-fe9-57f1ba5b9f2fb"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4073
x-xss-protection: 1; mode=block
expires: Mon, 20 May 2024 16:15:28 GMT

GET
H2 200 rss_active.png
www.zdrave.net/images/theme/ 3 KB
3 KB 118ms
118ms Image
image/png 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/images/theme/rss_active.png

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/theme.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

599411752c0cbc0680d552dce5faeda913b91f9e4879eed770533c30395a0ca7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/theme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
last-modified: Mon, 04 Dec 2017 19:16:05 GMT
server: Apache
etag: "2861f83-c46-55f888cbde740"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3142
x-xss-protection: 1; mode=block
expires: Mon, 20 May 2024 16:15:28 GMT

GET
H2 200 facebook_active.png
www.zdrave.net/images/theme/ 14 KB
14 KB 119ms
118ms Image
image/png 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/images/theme/facebook_active.png

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/theme.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

f6e6967c12c98373a9bf1252d3491517032f8cfd9cd203885eb274df35180f1f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/theme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
last-modified: Mon, 04 Dec 2017 19:26:10 GMT
server: Apache
etag: "2861f74-3982-55f88b0cd7880"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 14722
x-xss-protection: 1; mode=block
expires: Mon, 20 May 2024 16:15:28 GMT

GET
H2 200 ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v21/ 23 KB
24 KB 35ms
11ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v21/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans|Noto+Serif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zdrave.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:52:18 GMT
x-content-type-options: nosniff
age: 166988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23948
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:47:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 May 2024 17:52:18 GMT

GET
H2 200 search.png
www.zdrave.net/images/theme/ 389 B
468 B 119ms
118ms Image
image/png 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/images/theme/search.png

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/theme.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

46d5ada7d42ccd1d918e9097eb2e58f0fbb8d7ebf230bff43fee1946c669fde7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/theme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
last-modified: Mon, 01 May 2017 11:57:19 GMT
server: Apache
etag: "2861f85-185-54e752006a5c0"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 389
x-xss-protection: 1; mode=block
expires: Mon, 20 May 2024 16:15:28 GMT

GET
H2 200 menu_inactive.png
www.zdrave.net/images/theme/ 1 KB
1 KB 117ms
117ms Image
image/png 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/images/theme/menu_inactive.png

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/navigation.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

04b75c37a7d5b3be61e313fd0dc248329785547e15283a83ffbbb9886c0aac44

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/navigation.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
last-modified: Mon, 01 May 2017 11:57:18 GMT
server: Apache
etag: "2861f80-41a-54e751ff76380"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1050
x-xss-protection: 1; mode=block
expires: Mon, 20 May 2024 16:15:28 GMT

GET
H2 200 menu_active.png
www.zdrave.net/images/theme/ 1 KB
1 KB 118ms
118ms Image
image/png 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/images/theme/menu_active.png

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/navigation.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

e922c29650768eee04e952c7b49e2c80d181ae7d4c00044a18191936093cfd6a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/navigation.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
last-modified: Mon, 01 May 2017 11:57:18 GMT
server: Apache
etag: "2861f7f-41a-54e751ff76380"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1050
x-xss-protection: 1; mode=block
expires: Mon, 20 May 2024 16:15:28 GMT

GET
H2 200 ga6Iaw1J5X9T9RW6j9bNfFMWaCi_.woff2
fonts.gstatic.com/s/notoserif/v21/ 16 KB
16 KB 25ms
9ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v21/ga6Iaw1J5X9T9RW6j9bNfFMWaCi_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans|Noto+Serif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749532b47faa826b6001b06da2e4085a3118525b9c9164fd0aa10e9944b9967a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zdrave.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 16:15:24 GMT
x-content-type-options: nosniff
age: 86402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:36:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 16:15:24 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/bg_BG/ 3 KB
3 KB 33ms
9ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/bg_BG/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dd0ec7f0f8417e2c61c2b9d212af97be19f46b25e1a29c1a7e6737d25103917a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 21 May 2023 16:15:26 GMT
content-md5: ZfOnO6H/sek6PhW+s1wMrQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: vbpIJYtJGL5ZZoWTOojlLqpLb5NBQt0i/bFKf7DezQhjjo2jkadRU3Tld7yTEXbMkuS1eGv9yW2Q4JWSQ2QlWw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 375e87857bef2d7b9e1e4e5f8ff1d3d0
cross-origin-opener-policy: same-origin-allow-popups
etag: "7f053ca1163923e4f4e196a2e5c658a6"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
expires: Sun, 21 May 2023 16:23:59 GMT

GET
H2 200 line1.gif
www.zdrave.net/images/theme/ 1 KB
1 KB 79ms
79ms Image
image/gif 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/images/theme/line1.gif

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/index.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

6847fba5c78232ebd70ccc160948b4290b21425ca15970e4fab8cd7b17148c73

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:28 GMT
last-modified: Mon, 01 May 2017 11:57:18 GMT
server: Apache
etag: "2861f7a-4af-54e751ff76380"
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1199
x-xss-protection: 1; mode=block
expires: Mon, 20 May 2024 16:15:28 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 16ms
16ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=905518872&t=pageview&_s=1&dl=https%3A%2F%2Fwww.zdrave.net%2F%25D0%259C%25D0%25BD%25D0%25B5%25D0%25BD%25D0%25B8%25D1%258F-%25D0%25B8-%25D0%25BA%25D0%25BE%25D0%25BC%25D0%25B5%25D0%25BD%25D1%2582%25D0%25B0%25D1%2580%25D0%25B8%2F%25D0%2594%25D0%25BE%25D1%2586.-%25D0%25A8%25D0%25B8%25D0%25BC%25D0%25B0-%25D0%259C%25D0%25B5%25D1%2585%25D1%2580%25D0%25B0%25D0%25B1%25D0%25B8%25D0%25B0%25D0%25BD--%25D0%259F%25D1%2580%25D0%25BE%25D1%2583%25D1%2587%25D0%25B2%25D0%25B0%25D1%2582-%25D1%2581%25D0%25B5-%25D0%25BD%25D1%258F%25D0%25BA%25D0%25BE%25D0%25BB%25D0%25BA%25D0%25BE-%25D0%25B0%25D0%25BD%25D1%2582%25D0%25B8%25D1%2582%25D0%25B5%25D0%25BB%25D0%25B0%2C-%25D0%25BA%25D0%25BE%25D0%25B8%25D1%2582%25D0%25BE-%25D0%25BF%25D1%2580%25D0%25BE%25D0%25BC%25D0%25B5%25D0%25BD%25D1%258F%25D1%2582-%25D1%2585%25D0%25BE%25D0%25B4%25D0%25B0-%25D0%25BD%25D0%25B0-%25D0%25B1%25D0%25BE%25D0%25BB%25D0%25B5%25D1%2581%25D1%2582%25D1%2582%25D0%25B0-%25D0%25BD%25D0%25B0-%25D0%2590%25D0%25BB%25D1%2586%25D1%2585%25D0%25B0%25D0%25B9%25D0%25BC%25D0%25B5%25D1%2580-%2Fe18442&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%94%D0%BE%D1%86.%20%D0%A8%D0%B8%D0%BC%D0%B0%20%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD%3A%20%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82%20%D1%81%D0%B5%20%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE%20%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0%2C%20%D0%BA%D0%BE%D0%B8%D1%82%D0%BE%20%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82%20%D1%85%D0%BE%D0%B4%D0%B0%20%D0%BD%D0%B0%20%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0%20%D0%BD%D0%B0%20%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAACAAI~&jid=907539375&gjid=1881914599&cid=1662213786.1684685726&tid=UA-1859235-1&_gid=1521518960.1684685726&_r=1&_slc=1&z=1620078361

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdrave.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 May 2023 16:15:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zdrave.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 62ms
18ms XHR
text/plain 2a00:1450:400c:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-1859235-1&cid=1662213786.1684685726&jid=907539375&gjid=1881914599&_gid=1521518960.1684685726&_u=IEBAAAAAAAAAACAAI~&z=1935945834

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdrave.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 21 May 2023 16:15:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zdrave.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/bg_BG/ 307 KB
87 KB 19ms
9ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/bg_BG/sdk.js?hash=758ff5e729d8e488963ac012f1db7c8b

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/bg_BG/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

816e92d1f0edbecbf8114c896056af798497ea6c477d3db33c659cd931ed30cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.zdrave.net/
Origin: https://www.zdrave.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 21 May 2023 16:15:26 GMT
content-md5: i0RF6fS6vOQMUi/4r25jrQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88778
x-fb-rlafr: 0
x-fb-debug: d0/W3gPF48ffOjc41LKgvGGgtD5/FxYzzzjrWmu2UCi0nw6SdJAqqbc6ZPOc+TBS0R6uRqiOjPyQHdrwYxmN/w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 82b14923fe5ce9f65b86c63ad10b35aa
cross-origin-opener-policy: same-origin-allow-popups
etag: "00be1ee583d3f0c781e9810e36d7ad4a"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Mon, 20 May 2024 14:40:50 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ 355 KB
120 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9342365088706924&plah=www.zdrave.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e77b5b69c7832c8071887145673e6780e18ded026b287adca8e771d808decf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122659
x-xss-protection: 0
server: cafe
etag: 10650219918619322804
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 21 May 2023 16:15:26 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230517/r20190131/ Frame 019C 10 KB
5 KB 59ms
7ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230517/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdrave.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32848
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 07:07:58 GMT
etag: 15057649708203361565
expires: Sun, 04 Jun 2023 07:07:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 76ms
46ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-1859235-1&cid=1662213786.1684685726&jid=907539375&_u=IEBAAAAAAAAAACAAI~&z=522357561

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 16:15:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 68ms
45ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-1859235-1&cid=1662213786.1684685726&jid=907539375&_u=IEBAAAAAAAAAACAAI~&z=522357561

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 16:15:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
600 B 52ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.zdrave.net&callback=_gfp_s_&client=ca-pub-9342365088706924

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9342365088706924&plah=www.zdrave.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89af7a7549ceee25d5637cdc5c2ecfb1740489f78344636fb298d97f10d43abd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 66ms
19ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zdrave.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 42ms
17ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdrave.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BB97 0
188 B 259ms
258ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9342365088706924&output=html&adk=1812271804&adf=3025194257&lmt=1684685728&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fwww.zdrave.net%2F%25D0%259C%25D0%25BD%25D0%25B5%25D0%25BD%25D0%25B8%25D1%258F-%25D0%25B8-%25D0%25BA%25D0%25BE%25D0%25BC%25D0%25B5%25D0%25BD%25D1%2582%25D0%25B0%25D1%2580%25D0%25B8%2F%25D0%2594%25D0%25BE%25D1%2586.-%25D0%25A8%25D0%25B8%25D0%25BC%25D0%25B0-%25D0%259C%25D0%25B5%25D1%2585%25D1%2580%25D0%25B0%25D0%25B1%25D0%25B8%25D0%25B0%25D0%25BD--%25D0%259F%25D1%2580%25D0%25BE%25D1%2583%25D1%2587%25D0%25B2%25D0%25B0%25D1%2582-%25D1%2581%25D0%25B5-%25D0%25BD%25D1%258F%25D0%25BA%25D0%25BE%25D0%25BB%25D0%25BA%25D0%25BE-%25D0%25B0%25D0%25BD%25D1%2582%25D0%25B8%25D1%2582%25D0%25B5%25D0%25BB%25D0%25B0%2C-%25D0%25BA%25D0%25BE%25D0%25B8%25D1%2582%25D0%25BE-%25D0%25BF%25D1%2580%25D0%25BE%25D0%25BC%25D0%25B5%25D0%25BD%25D1%258F%25D1%2582-%25D1%2585%25D0%25BE%25D0%25B4%25D0%25B0-%25D0%25BD%25D0%25B0-%25D0%25B1%25D0%25BE%25D0%25BB%25D0%25B5%25D1%2581%25D1%2582%25D1%2582%25D0%25B0-%25D0%25BD%25D0%25B0-%25D0%2590%25D0%25BB%25D1%2586%25D1%2585%25D0%25B0%25D0%25B9%25D0%25BC%25D0%25B5%25D1%2580-%2Fe18442&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684685726428&bpp=4&bdt=266&idt=182&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2850284753973&frm=20&pv=2&ga_vid=1662213786.1684685726&ga_sid=1684685727&ga_hid=905518872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31074468%2C31074687%2C44772268%2C44782467%2C44788441%2C44789923&oid=2&pvsid=2697168977454759&tmod=126661760&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=218

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdrave.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 16:15:26 GMT
expires: Sun, 21 May 2023 16:15:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1B56 139 KB
39 KB 919ms
917ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9342365088706924&output=html&h=90&slotname=4277830557&adk=621980329&adf=921206747&pi=t.ma~as.4277830557&w=728&lmt=1684685728&format=728x90&url=https%3A%2F%2Fwww.zdrave.net%2F%25D0%259C%25D0%25BD%25D0%25B5%25D0%25BD%25D0%25B8%25D1%258F-%25D0%25B8-%25D0%25BA%25D0%25BE%25D0%25BC%25D0%25B5%25D0%25BD%25D1%2582%25D0%25B0%25D1%2580%25D0%25B8%2F%25D0%2594%25D0%25BE%25D1%2586.-%25D0%25A8%25D0%25B8%25D0%25BC%25D0%25B0-%25D0%259C%25D0%25B5%25D1%2585%25D1%2580%25D0%25B0%25D0%25B1%25D0%25B8%25D0%25B0%25D0%25BD--%25D0%259F%25D1%2580%25D0%25BE%25D1%2583%25D1%2587%25D0%25B2%25D0%25B0%25D1%2582-%25D1%2581%25D0%25B5-%25D0%25BD%25D1%258F%25D0%25BA%25D0%25BE%25D0%25BB%25D0%25BA%25D0%25BE-%25D0%25B0%25D0%25BD%25D1%2582%25D0%25B8%25D1%2582%25D0%25B5%25D0%25BB%25D0%25B0%2C-%25D0%25BA%25D0%25BE%25D0%25B8%25D1%2582%25D0%25BE-%25D0%25BF%25D1%2580%25D0%25BE%25D0%25BC%25D0%25B5%25D0%25BD%25D1%258F%25D1%2582-%25D1%2585%25D0%25BE%25D0%25B4%25D0%25B0-%25D0%25BD%25D0%25B0-%25D0%25B1%25D0%25BE%25D0%25BB%25D0%25B5%25D1%2581%25D1%2582%25D1%2582%25D0%25B0-%25D0%25BD%25D0%25B0-%25D0%2590%25D0%25BB%25D1%2586%25D1%2585%25D0%25B0%25D0%25B9%25D0%25BC%25D0%25B5%25D1%2580-%2Fe18442&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684685726432&bpp=2&bdt=270&idt=217&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2850284753973&frm=20&pv=1&ga_vid=1662213786.1684685726&ga_sid=1684685727&ga_hid=905518872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=670&ady=45&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31074468%2C31074687%2C44772268%2C44782467%2C44788441%2C44789923&oid=2&pvsid=2697168977454759&tmod=126661760&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3RVY0gBRpH&p=https%3A//www.zdrave.net&dtd=222

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10ee8f3e532d9a8724115443764ebcd909ba09e78576b581eb63a3178e612c8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdrave.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39320
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 16:15:27 GMT
expires: Sun, 21 May 2023 16:15:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E0F4 116 KB
36 KB 649ms
648ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9342365088706924&output=html&h=280&slotname=8447686695&adk=261382394&adf=1233009936&pi=t.ma~as.8447686695&w=336&lmt=1684685728&format=336x280&url=https%3A%2F%2Fwww.zdrave.net%2F%25D0%259C%25D0%25BD%25D0%25B5%25D0%25BD%25D0%25B8%25D1%258F-%25D0%25B8-%25D0%25BA%25D0%25BE%25D0%25BC%25D0%25B5%25D0%25BD%25D1%2582%25D0%25B0%25D1%2580%25D0%25B8%2F%25D0%2594%25D0%25BE%25D1%2586.-%25D0%25A8%25D0%25B8%25D0%25BC%25D0%25B0-%25D0%259C%25D0%25B5%25D1%2585%25D1%2580%25D0%25B0%25D0%25B1%25D0%25B8%25D0%25B0%25D0%25BD--%25D0%259F%25D1%2580%25D0%25BE%25D1%2583%25D1%2587%25D0%25B2%25D0%25B0%25D1%2582-%25D1%2581%25D0%25B5-%25D0%25BD%25D1%258F%25D0%25BA%25D0%25BE%25D0%25BB%25D0%25BA%25D0%25BE-%25D0%25B0%25D0%25BD%25D1%2582%25D0%25B8%25D1%2582%25D0%25B5%25D0%25BB%25D0%25B0%2C-%25D0%25BA%25D0%25BE%25D0%25B8%25D1%2582%25D0%25BE-%25D0%25BF%25D1%2580%25D0%25BE%25D0%25BC%25D0%25B5%25D0%25BD%25D1%258F%25D1%2582-%25D1%2585%25D0%25BE%25D0%25B4%25D0%25B0-%25D0%25BD%25D0%25B0-%25D0%25B1%25D0%25BE%25D0%25BB%25D0%25B5%25D1%2581%25D1%2582%25D1%2582%25D0%25B0-%25D0%25BD%25D0%25B0-%25D0%2590%25D0%25BB%25D1%2586%25D1%2585%25D0%25B0%25D0%25B9%25D0%25BC%25D0%25B5%25D1%2580-%2Fe18442&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684685726434&bpp=1&bdt=272&idt=224&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2850284753973&frm=20&pv=1&ga_vid=1662213786.1684685726&ga_sid=1684685727&ga_hid=905518872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31074468%2C31074687%2C44772268%2C44782467%2C44788441%2C44789923&oid=2&pvsid=2697168977454759&tmod=126661760&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=j1sHmZ1tyj&p=https%3A//www.zdrave.net&dtd=228

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bc82e5f6d320a81e8c6edbe151bfba315689624afc5145f1e8859bba92da33d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdrave.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36669
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 16:15:27 GMT
expires: Sun, 21 May 2023 16:15:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame E0F4 4 KB
728 B 23ms
19ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9342365088706924&output=html&h=280&slotname=8447686695&adk=261382394&adf=1233009936&pi=t.ma~as.8447686695&w=336&lmt=1684685728&format=336x280&url=https%3A%2F%2Fwww.zdrave.net%2F%25D0%259C%25D0%25BD%25D0%25B5%25D0%25BD%25D0%25B8%25D1%258F-%25D0%25B8-%25D0%25BA%25D0%25BE%25D0%25BC%25D0%25B5%25D0%25BD%25D1%2582%25D0%25B0%25D1%2580%25D0%25B8%2F%25D0%2594%25D0%25BE%25D1%2586.-%25D0%25A8%25D0%25B8%25D0%25BC%25D0%25B0-%25D0%259C%25D0%25B5%25D1%2585%25D1%2580%25D0%25B0%25D0%25B1%25D0%25B8%25D0%25B0%25D0%25BD--%25D0%259F%25D1%2580%25D0%25BE%25D1%2583%25D1%2587%25D0%25B2%25D0%25B0%25D1%2582-%25D1%2581%25D0%25B5-%25D0%25BD%25D1%258F%25D0%25BA%25D0%25BE%25D0%25BB%25D0%25BA%25D0%25BE-%25D0%25B0%25D0%25BD%25D1%2582%25D0%25B8%25D1%2582%25D0%25B5%25D0%25BB%25D0%25B0%2C-%25D0%25BA%25D0%25BE%25D0%25B8%25D1%2582%25D0%25BE-%25D0%25BF%25D1%2580%25D0%25BE%25D0%25BC%25D0%25B5%25D0%25BD%25D1%258F%25D1%2582-%25D1%2585%25D0%25BE%25D0%25B4%25D0%25B0-%25D0%25BD%25D0%25B0-%25D0%25B1%25D0%25BE%25D0%25BB%25D0%25B5%25D1%2581%25D1%2582%25D1%2582%25D0%25B0-%25D0%25BD%25D0%25B0-%25D0%2590%25D0%25BB%25D1%2586%25D1%2585%25D0%25B0%25D0%25B9%25D0%25BC%25D0%25B5%25D1%2580-%2Fe18442&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684685726434&bpp=1&bdt=272&idt=224&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2850284753973&frm=20&pv=1&ga_vid=1662213786.1684685726&ga_sid=1684685727&ga_hid=905518872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31074468%2C31074687%2C44772268%2C44782467%2C44788441%2C44789923&oid=2&pvsid=2697168977454759&tmod=126661760&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=j1sHmZ1tyj&p=https%3A//www.zdrave.net&dtd=228

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 May 2023 16:15:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 May 2023 15:13:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 May 2023 16:15:27 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame E0F4 2 KB
818 B 41ms
12ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 10:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 10:38:12 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E0F4 0
0 52ms
52ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMDhcnkNqZJzbLeiezLUP9uq50AOy6fbQbubKlf-jCZzskdn5GRABIJDjsUlglaqzgsAHoAG11Y7ZA8gBCakCkmz4C7Mgsj6oAwHIA8sEqgS8A0_QJl9FmdVwt2bJqmiaI1qtCLiUPu-8tVd4O6R2493YdfJvmn3vZ6-o5f2Vp43b98hwZtTir1MqVzOeuXONlVrL9h736x99Ob4S75XVGSIbCa_pFbtMh7bmDLfIEQ_P_09Mq1uteCp2OgiY74oSmnD0XBSLSToyrYqBN7W5ZGzMYm__GhSBXkf3rPlqD-Dqb_TWUEanJXdDkzn75IV80acnD-U2XYElqROPDI5t4YrMtsyeySk-b1HElaWWHqXW1h3RunjFfv7VtmpBdPcsE2E333u4OskXJCxa-EbDNRysi_CkUN3lcYESAIW98u0aqndt7CmPMTCoZldeFvdP4J1OkZVFaSlpXYTwUji4lS68950t83vMM7_bwf9gX3O-_vkp4nO-QupGOjHSiKFwB4LOte6XIPVRPbszJ4MTwcPIDMT4GWyeIsKyrbv2f8ZV1PyZ0px7V1aV84USUnc4pO9h2Ci2TRjTUOcGgnSAgsYQCg2RhbYJGoa3MuQZRGsAdQo7UhdnedRQgIsFbC6uPW3SCI9RQDm9Ji5k4unUmH-mJZ6zGDmZMQqPow4limrG-m9SL-BOHUtQc48tvcAEu6O5pYwCkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4qcsS-oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQxNgV0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTC4gUBdAVAYAXAbIXHAoaCAASFHB1Yi05MzQyMzY1MDg4NzA2OTI0GAA&sigh=d54EPQEjV6A&uach_m=[UACH]&cid=CAQSGwBygQiDGkTePv3jnvpmfqknusenshCABEl7bxgB&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9342365088706924&output=html&h=280&slotname=8447686695&adk=261382394&adf=1233009936&pi=t.ma~as.8447686695&w=336&lmt=1684685728&format=336x280&url=https%3A%2F%2Fwww.zdrave.net%2F%25D0%259C%25D0%25BD%25D0%25B5%25D0%25BD%25D0%25B8%25D1%258F-%25D0%25B8-%25D0%25BA%25D0%25BE%25D0%25BC%25D0%25B5%25D0%25BD%25D1%2582%25D0%25B0%25D1%2580%25D0%25B8%2F%25D0%2594%25D0%25BE%25D1%2586.-%25D0%25A8%25D0%25B8%25D0%25BC%25D0%25B0-%25D0%259C%25D0%25B5%25D1%2585%25D1%2580%25D0%25B0%25D0%25B1%25D0%25B8%25D0%25B0%25D0%25BD--%25D0%259F%25D1%2580%25D0%25BE%25D1%2583%25D1%2587%25D0%25B2%25D0%25B0%25D1%2582-%25D1%2581%25D0%25B5-%25D0%25BD%25D1%258F%25D0%25BA%25D0%25BE%25D0%25BB%25D0%25BA%25D0%25BE-%25D0%25B0%25D0%25BD%25D1%2582%25D0%25B8%25D1%2582%25D0%25B5%25D0%25BB%25D0%25B0%2C-%25D0%25BA%25D0%25BE%25D0%25B8%25D1%2582%25D0%25BE-%25D0%25BF%25D1%2580%25D0%25BE%25D0%25BC%25D0%25B5%25D0%25BD%25D1%258F%25D1%2582-%25D1%2585%25D0%25BE%25D0%25B4%25D0%25B0-%25D0%25BD%25D0%25B0-%25D0%25B1%25D0%25BE%25D0%25BB%25D0%25B5%25D1%2581%25D1%2582%25D1%2582%25D0%25B0-%25D0%25BD%25D0%25B0-%25D0%2590%25D0%25BB%25D1%2586%25D1%2585%25D0%25B0%25D0%25B9%25D0%25BC%25D0%25B5%25D1%2580-%2Fe18442&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684685726434&bpp=1&bdt=272&idt=224&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2850284753973&frm=20&pv=1&ga_vid=1662213786.1684685726&ga_sid=1684685727&ga_hid=905518872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31074468%2C31074687%2C44772268%2C44782467%2C44788441%2C44789923&oid=2&pvsid=2697168977454759&tmod=126661760&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=j1sHmZ1tyj&p=https%3A//www.zdrave.net&dtd=228
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 21 May 2023 16:15:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 21 May 2023 16:15:27 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame E0F4 22 KB
9 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 10:38:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 10:38:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame E0F4 3 KB
1 KB 40ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 13:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10167
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 13:26:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame E0F4 19 KB
8 KB 35ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 10:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 10:38:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E0F4 170 KB
53 KB 86ms
61ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 May 2023 16:15:27 GMT

GET
H2 200 a0d8c68f3de0718362c8759993c4ce7f.js Show response
www.gstatic.com/mysidia/ Frame E0F4 32 KB
14 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:16:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 10:45:03 GMT

GET
H2 200 8519374645716072276_16292422861279698482.jpeg
static.doubleclick.net/dynamic/5/359708864/ Frame E0F4 11 KB
11 KB 36ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/359708864/8519374645716072276_16292422861279698482.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2655b07df11c02a7f6625c88a67fd24d543e2e0e9a1589e971bcc9beadccdb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 20:06:45 GMT
x-content-type-options: nosniff
age: 72522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10782
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 11:08:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 May 2024 20:06:45 GMT

GET
H2 200 18245181002783714675_14728808768546058126.jpeg
static.doubleclick.net/dynamic/5/359708864/ Frame E0F4 11 KB
11 KB 42ms
13ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/359708864/18245181002783714675_14728808768546058126.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

537adc53974c39d0a408e195d31100c7363c001637169fa6c7b8d5aefdc7660d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 15 May 2023 16:58:18 GMT
x-content-type-options: nosniff
age: 515829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11206
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 00:43:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 May 2024 16:58:18 GMT

GET
H2 200 15703830014557834821_11988326925251650767.jpeg
static.doubleclick.net/dynamic/5/359708864/ Frame E0F4 13 KB
13 KB 36ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/359708864/15703830014557834821_11988326925251650767.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

228e9dd4e078fe52e43b810921090514479dc64e7a5f49adf088a8db9324ec6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 07:27:20 GMT
x-content-type-options: nosniff
age: 290887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13041
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 00:14:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 May 2024 07:27:20 GMT

GET
H2

200

13693739128686457384
tpc.googlesyndication.com/simgad/ Frame E0F4
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDP7NvoqwEQ4AMY4AMyCLnoeCyepQ3L
https://tpc.googlesyndication.com/simgad/13693739128686457384

13 KB
13 KB

9ms
7ms

Image
image/png

2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13693739128686457384

Requested by

Protocol

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8c911058e8c282bc63fa4d56f94dec086ec285897ae30a004ee2530bb579723

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:20:07 GMT
x-content-type-options: nosniff
age: 53720
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12978
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 15:26:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 20 May 2024 01:20:07 GMT

Redirect headers

date: Sun, 21 May 2023 10:00:33 GMT
x-content-type-options: nosniff
server: cafe
age: 22494
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/13693739128686457384
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 20 Jun 2023 10:00:33 GMT

GET
DATA 200
OK truncated
/ Frame E0F4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebab5a63c938ec55a25f263fee1d67b667b14afc19c6178aaf19a3b2f5724542

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame E0F4 21 KB
21 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 21:26:50 GMT
x-content-type-options: nosniff
age: 67717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 21:26:50 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame E0F4 20 KB
20 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 16:40:42 GMT
x-content-type-options: nosniff
age: 84885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 16:40:42 GMT

GET
H3 200 s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js Show response
pagead2.googlesyndication.com/bg/ Frame 96D0 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 11:11:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 104623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14579
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 May 2024 11:11:44 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 1B56 2 KB
765 B 13ms
11ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9342365088706924&output=html&h=90&slotname=4277830557&adk=621980329&adf=921206747&pi=t.ma~as.4277830557&w=728&lmt=1684685728&format=728x90&url=https%3A%2F%2Fwww.zdrave.net%2F%25D0%259C%25D0%25BD%25D0%25B5%25D0%25BD%25D0%25B8%25D1%258F-%25D0%25B8-%25D0%25BA%25D0%25BE%25D0%25BC%25D0%25B5%25D0%25BD%25D1%2582%25D0%25B0%25D1%2580%25D0%25B8%2F%25D0%2594%25D0%25BE%25D1%2586.-%25D0%25A8%25D0%25B8%25D0%25BC%25D0%25B0-%25D0%259C%25D0%25B5%25D1%2585%25D1%2580%25D0%25B0%25D0%25B1%25D0%25B8%25D0%25B0%25D0%25BD--%25D0%259F%25D1%2580%25D0%25BE%25D1%2583%25D1%2587%25D0%25B2%25D0%25B0%25D1%2582-%25D1%2581%25D0%25B5-%25D0%25BD%25D1%258F%25D0%25BA%25D0%25BE%25D0%25BB%25D0%25BA%25D0%25BE-%25D0%25B0%25D0%25BD%25D1%2582%25D0%25B8%25D1%2582%25D0%25B5%25D0%25BB%25D0%25B0%2C-%25D0%25BA%25D0%25BE%25D0%25B8%25D1%2582%25D0%25BE-%25D0%25BF%25D1%2580%25D0%25BE%25D0%25BC%25D0%25B5%25D0%25BD%25D1%258F%25D1%2582-%25D1%2585%25D0%25BE%25D0%25B4%25D0%25B0-%25D0%25BD%25D0%25B0-%25D0%25B1%25D0%25BE%25D0%25BB%25D0%25B5%25D1%2581%25D1%2582%25D1%2582%25D0%25B0-%25D0%25BD%25D0%25B0-%25D0%2590%25D0%25BB%25D1%2586%25D1%2585%25D0%25B0%25D0%25B9%25D0%25BC%25D0%25B5%25D1%2580-%2Fe18442&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684685726432&bpp=2&bdt=270&idt=217&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2850284753973&frm=20&pv=1&ga_vid=1662213786.1684685726&ga_sid=1684685727&ga_hid=905518872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=670&ady=45&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31074468%2C31074687%2C44772268%2C44782467%2C44788441%2C44789923&oid=2&pvsid=2697168977454759&tmod=126661760&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3RVY0gBRpH&p=https%3A//www.zdrave.net&dtd=222

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 10:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 10:38:12 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame 1B56 22 KB
9 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 10:38:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 10:38:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 1B56 3 KB
1 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 13:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10167
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 13:26:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 1B56 19 KB
8 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 10:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 10:38:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1B56 170 KB
53 KB 63ms
61ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 May 2023 16:15:27 GMT

GET
H2 200 a0d8c68f3de0718362c8759993c4ce7f.js Show response
www.gstatic.com/mysidia/ Frame 1B56 32 KB
13 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:16:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 10:45:03 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1B56 0
0 59ms
58ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpEOtnkNqZJafLaOa7gLJt6noAra65ctwr6T00MUR3dkeEAEgkOOxSWCVqrOCwAegAaKg7_MDyAEJqQKSbPgLsyCyPqgDAcgDywSqBLgDT9CB1988xaAoPW7q_1IWbFnYj7PUJHF-9A3P2gbOpK0x1qkma50GGSdhAL_XD6sMGm_u-HdgHfOQTFIUMbrWED42jmZnQ3YQbzj0G88KoLe-W_oa1Cl5JR5bldCxGbnXKrkd7LVWpjKVWQ6mjo38VsWIybGpXrSTeyGlYL7VABuKmKSC5WI7Otu6PNlBlrg8vpnQPGG43tJ5_ECp-CdvJocBGo24913TcbQt2kkCAVDpExHy_Fx10lHWsQghGGwKIdAxwNXF1IujAS5h5l-ccvvwWt9oJ9coGVYdoaWEF97OFDgeGmYXrn3ZHX3VG__Jg3uDYCmtxgxBfTVqKW9kskVaxiFXxWjFnu_AQZAsvCetNadL-6JI04wLWLN7y4Nl4pn3v9zxdEOOIjpyx0-vMFSjQFhUOZFnn57UQjK91I6E3QUgKTNSCWMY7CnF7HP5vDtDjNNv9_zpWXKWgYWetDpve7GHtmvKSrXn0Fx_09JsZZHrDBHDQk09NKK14WsybDpnpaMYYerRtNEKOjNH6ZiZ0WunWjtvf3BYg4HsZsSgpDQGdNlk6QY9BOJNWb9__CrVS-NnBjHABLLas8mRApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfG35AMqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEM77DdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwvQFQGYFgGAFwGyFxwKGggAEhRwdWItOTM0MjM2NTA4ODcwNjkyNBgA&sigh=xLW2TYOrOpg&uach_m=[UACH]&cid=CAQSGwBygQiDpuy4AOmSUnh6Ggb-lc8VG5olDrrBGBgB&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9342365088706924&output=html&h=90&slotname=4277830557&adk=621980329&adf=921206747&pi=t.ma~as.4277830557&w=728&lmt=1684685728&format=728x90&url=https%3A%2F%2Fwww.zdrave.net%2F%25D0%259C%25D0%25BD%25D0%25B5%25D0%25BD%25D0%25B8%25D1%258F-%25D0%25B8-%25D0%25BA%25D0%25BE%25D0%25BC%25D0%25B5%25D0%25BD%25D1%2582%25D0%25B0%25D1%2580%25D0%25B8%2F%25D0%2594%25D0%25BE%25D1%2586.-%25D0%25A8%25D0%25B8%25D0%25BC%25D0%25B0-%25D0%259C%25D0%25B5%25D1%2585%25D1%2580%25D0%25B0%25D0%25B1%25D0%25B8%25D0%25B0%25D0%25BD--%25D0%259F%25D1%2580%25D0%25BE%25D1%2583%25D1%2587%25D0%25B2%25D0%25B0%25D1%2582-%25D1%2581%25D0%25B5-%25D0%25BD%25D1%258F%25D0%25BA%25D0%25BE%25D0%25BB%25D0%25BA%25D0%25BE-%25D0%25B0%25D0%25BD%25D1%2582%25D0%25B8%25D1%2582%25D0%25B5%25D0%25BB%25D0%25B0%2C-%25D0%25BA%25D0%25BE%25D0%25B8%25D1%2582%25D0%25BE-%25D0%25BF%25D1%2580%25D0%25BE%25D0%25BC%25D0%25B5%25D0%25BD%25D1%258F%25D1%2582-%25D1%2585%25D0%25BE%25D0%25B4%25D0%25B0-%25D0%25BD%25D0%25B0-%25D0%25B1%25D0%25BE%25D0%25BB%25D0%25B5%25D1%2581%25D1%2582%25D1%2582%25D0%25B0-%25D0%25BD%25D0%25B0-%25D0%2590%25D0%25BB%25D1%2586%25D1%2585%25D0%25B0%25D0%25B9%25D0%25BC%25D0%25B5%25D1%2580-%2Fe18442&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684685726432&bpp=2&bdt=270&idt=217&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2850284753973&frm=20&pv=1&ga_vid=1662213786.1684685726&ga_sid=1684685727&ga_hid=905518872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=670&ady=45&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31074468%2C31074687%2C44772268%2C44782467%2C44788441%2C44789923&oid=2&pvsid=2697168977454759&tmod=126661760&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3RVY0gBRpH&p=https%3A//www.zdrave.net&dtd=222
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 21 May 2023 16:15:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 1B56 25 KB
25 KB 66ms
13ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ26fLJI2rmeVo0uCjOsTIrywGJMm6AGex46jXBtPNeW1ZtgjHtr27-Ro7ELw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1c6f20553ff54fca6c9488f9a00538aace518a80cccf750cdc703654b1a292e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:36:04 GMT
x-content-type-options: nosniff
age: 106763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25489
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 05:13:19 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 19 May 2024 10:36:04 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 1B56 38 KB
38 KB 76ms
23ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQTz4h_Z2bRzRVLwbBl1Ch79PeC67Itp9pHDQh_zKUcnvhGiavpAfglcvv4DkI&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c068a865a7c0af3d84d26f43104ed3288d3e476a900691a7c37076534bf8e58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 19:21:03 GMT
x-content-type-options: nosniff
age: 161664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38812
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 06:01:33 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 18 May 2024 19:21:03 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 1B56 36 KB
37 KB 66ms
13ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQLRm2PwiTmrocrt_NReKDl6nQT-N6fXN_dpYcrAJS3iPjCIYMlyw_D4ulaDCc&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5affe49e837dec948b4359f57cb53fc5531d24951c986b66feb6c4155e35791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 14 May 2023 17:44:58 GMT
x-content-type-options: nosniff
age: 599429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37078
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 04:48:24 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 13 May 2024 17:44:58 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 1B56 34 KB
35 KB 85ms
32ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRWXhvU8bvjw9uzofu8M3D-qlMVmvGhHkdEXellBOHVvMgvtJj4PK17Uajq1WQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a2dc48b027244be03aea9d09e5dac58aea28fb443895e9204655d48e19e6919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 17:34:58 GMT
x-content-type-options: nosniff
age: 81629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35267
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 08:29:55 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 19 May 2024 17:34:58 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 1B56 28 KB
28 KB 77ms
24ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRHMWhGXKbwrhAPvSclVdB0C8eDrHwTELKfIQBBOkOPK3vPhb6ccxldPDrjnt4&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4868ffa8d2a8480924783231b35f45bfb6fcafa6cdf488ed2aa30b4e7e908f8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 14 May 2023 17:38:12 GMT
x-content-type-options: nosniff
age: 599835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28656
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 08:50:51 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 13 May 2024 17:38:12 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 1B56 29 KB
29 KB 75ms
22ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSlhnooGo2Bqnr7Tm47EpufdCeq553XY4bnKa8d7Vmx6KNzD_WR6pjm7OJaxII&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf464237e4c62be872fce494af1a1b80311ee522863819958f48df79eb7808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:01:46 GMT
x-content-type-options: nosniff
age: 94421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29184
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 02:09:00 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 19 May 2024 14:01:46 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 1B56 19 KB
19 KB 75ms
22ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSRs919bZy2AsC2VoZa1aqkJD-tzhO_eFpKn0-tCemSjOKg8i13KBb8w2rbHAk&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bcf3c2230edf577fc97c406b9f305c017cc210f987d4583e28a384af6dd987e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:34:19 GMT
x-content-type-options: nosniff
age: 157268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19698
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 11:25:05 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 18 May 2024 20:34:19 GMT

GET
H3

200

2922712648441191968
tpc.googlesyndication.com/simgad/ Frame 1B56
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODc6om8ExDQDxjQDzII2HgXJ68Yfk8
https://tpc.googlesyndication.com/simgad/2922712648441191968

35 KB
35 KB

21ms
20ms

Image
image/png

2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2922712648441191968

Requested by

Protocol

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77d21237f69d3e5ef999991673a971d7b01aa4a246280c31bcdba951b9efe6b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:32:52 GMT
x-content-type-options: nosniff
age: 92555
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35454
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 13:27:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 14:32:52 GMT

Redirect headers

date: Sun, 21 May 2023 09:38:14 GMT
x-content-type-options: nosniff
server: cafe
age: 23833
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/2922712648441191968
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 20 Jun 2023 09:38:14 GMT

GET
DATA 200
OK truncated
/ Frame 1B56 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6bf9147cacfc95ee35e513b6ceb20fd2ba12f9b880d54b5e80697c097e60ed44

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
www.facebook.com/login/ Frame BAA0
Redirect Chain

https://www.facebook.com/v2.8/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4e8f7410b401c%26domain%3Dwww.zdrave.net%26is_...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fver...

0
0

127ms
126ms

Document
text/html

2a03:2880:f128:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df4e8f7410b401c%2526domain%253Dwww.zdrave.net%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.zdrave.net%25252Ff631149cf0cd0c%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FZdravenet-102162099889218%252F%253Ffref%253Dts%26locale%3Dbg_BG%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dfalse%26width%3D300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/bg_BG/sdk.js?hash=758ff5e729d8e488963ac012f1db7c8b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f128:83:face:b00c:0:25de Sofia, Bulgaria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.zdrave.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 21 May 2023 16:15:28 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: dMwLObOJyVD84pClNxrM5TGPcLouck5j4hkZdM8UtU0yp/yjTJd+s1v/aUFrbLfIUNOsB39Bs3kris7GLWNIAg==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 16:15:27 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v10.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df4e8f7410b401c%2526domain%253Dwww.zdrave.net%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.zdrave.net%25252Ff631149cf0cd0c%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FZdravenet-102162099889218%252F%253Ffref%253Dts%26locale%3Dbg_BG%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dfalse%26width%3D300
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: b55WYlc3flZudJNHeHggl5Beox7Mq0UI3RUOgO1DLwqYDORsfBAP0twa6zJIb521bivdL5AYS8aMQRrxUpL3KA==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 81ms
65ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230517&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47144a0573fd43c15fab572af19d528f172a2fa10ab3bad01d21637960e3ab0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11350
x-xss-protection: 0

GET
H3 200 s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js Show response
pagead2.googlesyndication.com/bg/ Frame 35FA 37 KB
14 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 11:11:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 104623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14579
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 May 2024 11:11:44 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 21 May 2023 16:15:27 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 092F 13 KB
5 KB 10ms
8ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdrave.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 13:30:12 GMT
expires: Mon, 20 May 2024 13:30:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 225E 783 B
968 B 22ms
21ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

55a98806236626e3afbf5a67adcb17592cb432c5edf561edcdd536b34794c0c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-a9pnFlN_f7aWPdITkP7R2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdrave.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-a9pnFlN_f7aWPdITkP7R2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 16:15:27 GMT
expires: Sun, 21 May 2023 16:15:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js Show response
pagead2.googlesyndication.com/bg/ Frame 092F 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 11:11:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 104623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14579
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 May 2024 11:11:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 225E 0
0 42ms
41ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230517&jk=2697168977454759&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 092F 0
10 B 8ms
7ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?sSBjkg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 16:15:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 48ms
47ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230517&jk=2697168977454759&bg=!tbaltuLNAAZ8_aWmXP07ADkAdvg8WkG1jn2I2xFSiUmlvDeItrRtBzNe3dwT6KHlG6qAz5z2NtjxV_CIzRwDsAlAuwNRtTYU82YCAAAARVIAAAACaAEHCgCxw72bX2xxpFtsRJ1tI6KZd1NPj7_kvwjU4U5qJHfL-twd3hQwXtoIqnRrZbXC7qivbtaa3_wslXX2mJpZVtxSolio9JowxCX9kDHYBZR34I3r9RDaFguFrVTgQh1Ut1XaTlPG2SFvOHlMeDArVCT2WcqKmDHeUCP76RzMvOC7LHGnYk6VFRtLrLwXBnKbOueALnAGr8B8kxtLi8tDOOEtrosz0kH3EVJSa7uiUtG-2gSfmQKSXDSIgR5FaJ0me3d3G5-PfsiJtpqhMdL3gpFWDLfK_xpXECn3w-OGf_-pYa7V_RGUa2CKw7R-LKVFX6-JczL46QCfFoQESPUIaYMJZqAjHgDKyBdrWBXkZpYyUVhJ4C45ZGsjVLAA7P_Mm50qZ959mJ_X-MofUj8tCoVBQ79lPyx7KX_wp0tkSSGyS4LUpoOvjmsVgoN8EwDNogIhihQDuCF5H6mP6FETw0A912d_xEbeRZC0I4WKHg-XxvAPkSa5DKa2yIrb2F0ngHcBNyZOE22rhbDEu5l4lwlUwjyKz7fWtuGafOGRgyqE2846z1JHUK-l-pB4pZcfetq1C2tFZ6i9URq3onRLZJCPEZxkE0P3ex9qTSAFv5y3j3kYZYLK2tweVApmUXqMvWmT0dYfiB_JivjqBcu7HBrlnzFKLuJH0Rf31xddFxoWk8_-G2s93FG8MKjSCQh4SOPeUMU3SHfLOeZoudExI9thJjtJub-vzcDH1snHe42TlkCYnmSB4umtfL8fnCOOtG36F2wq8sCz9XcLtU3fv_YJMqn_dL2nbRtfdnVQdT86XZtgqEUZRzk4f8GbXCtfP4NbEPVedZml4TwFPbziEAg_HBMGJiVn---3-cS0vV3YfBo7kXoY3rQ3opn47hCCEmVTEFDhPHO22_-jNhVUjIJ9u5_KcabqCs0f-9XfegXKvSdbAB46iHacZfiXkdLoRIgZhsQ5aWvFy32tqjIlI9GB0xp_RqhYfjqgYyoAEXmPWwsqmg3X9iucMa1N_uJjhtrZaNpP2BKs6PvLtAwHkT0Wlr7GFF2BKApvpwg7-cP8zHB-Vi7yY3WwKpD-jIzO9jxCYCAl3wcXgTJtQDxizrKh9Xh6fjYxdQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1B56 42 B
64 B 54ms
53ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstalnYcYifbFTR46uhSGoIStorTZJr4FhW6Gt-13RIV_jzgBrfkrIsLM0tc7y728m4YZsPd79k45QeSqgZjhyYlgMMKDTDTVpKZDr_lQ-XP9Loqqku3m1OxXlMSDintHHXDfKe06Q&sai=AMfl-YQlRFRWSTlxY1PsXnzL0mcy1dc3YqOieREwzicPxbY-zPoEXEnvcLDq_kzzWpR9V9W7W1PzukvIYmV_&sig=Cg0ArKJSzGg4smfYf3hQEAE&cid=CAQSGwBygQiDpuy4AOmSUnh6Ggb-lc8VG5olDrrBGBgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=621980329&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684685726655&rpt=1119&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 16:15:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.zdrave.net/	1969-12-31 23:59:59	Name: zdrave.net Value: 7mv0cn66edbj2v4kl99qou9d20
.zdrave.net/	1970-01-20 21:34:05	Name: _ga Value: GA1.2.1662213786.1684685726
.zdrave.net/	1970-01-20 11:59:32	Name: _gid Value: GA1.2.1521518960.1684685726
.zdrave.net/	1970-01-20 11:58:05	Name: _gat Value: 1
.zdrave.net/	1970-01-20 21:19:41	Name: __gads Value: ID=d2097fd08666b8d2-223600afdedd005e:T=1684685726:RT=1684685726:S=ALNI_Ma2oakqQtRANQ3GkdU69okMaqV-3w
.zdrave.net/	1970-01-20 21:19:41	Name: __gpi Value: UID=00000c18d3fb4e32:T=1684685726:RT=1684685726:S=ALNI_MabJe2KyFRnoMlCN5vwV_FsUF1lnQ
.doubleclick.net/	1970-01-20 21:19:41	Name: IDE Value: AHWqTUk06ym8zOAz_VfDE8r_FEjAfjQLVMMUGg_dxzsjkTvZ27ipvQUSwUIxUeC6dyE
.doubleclick.net/	1970-01-20 11:58:06	Name: test_cookie Value: CheckForPermission

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442 Message: Mixed Content: The page at 'https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442' was loaded over HTTPS, but requested an insecure element 'http://zdrave.net/images/icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442(Line 391) Message: Mixed Content: The page at 'https://www.zdrave.net/%D0%9C%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%80%D0%B8/%D0%94%D0%BE%D1%86.-%D0%A8%D0%B8%D0%BC%D0%B0-%D0%9C%D0%B5%D1%85%D1%80%D0%B0%D0%B1%D0%B8%D0%B0%D0%BD--%D0%9F%D1%80%D0%BE%D1%83%D1%87%D0%B2%D0%B0%D1%82-%D1%81%D0%B5-%D0%BD%D1%8F%D0%BA%D0%BE%D0%BB%D0%BA%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D1%82%D0%B5%D0%BB%D0%B0,-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%BF%D1%80%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D1%82-%D1%85%D0%BE%D0%B4%D0%B0-%D0%BD%D0%B0-%D0%B1%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D1%82%D0%B0-%D0%BD%D0%B0-%D0%90%D0%BB%D1%86%D1%85%D0%B0%D0%B9%D0%BC%D0%B5%D1%80-/e18442' was loaded over HTTPS, but requested an insecure element 'http://zdrave.net/images/icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
connect.facebook.net
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
static.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.zdrave.net
zdrave.net
193.107.36.30
2606:4700::6812:bcf
2620:1ec:4f:1::44
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:812::2001
2a00:1450:4001:812::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c02::9b
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f128:83:face:b00c:0:25de
04b75c37a7d5b3be61e313fd0dc248329785547e15283a83ffbbb9886c0aac44
0688cbfdec8ee6107a902952344d60e91f2681c2ba7978733c13d7c392e79707
0878b7a70b07f41f8dffb16561bb8a07da29a2e21c353e30de2141cd90c298f5
09f87e0fec746de870049d9fc6ff4e4edf1126968dce6fd0ca8892f7af2705c7
0aecfb25b75ea853c7bdd9f2ae4620cc1f8f63942127014ff31f28564e006ecf
0bc82e5f6d320a81e8c6edbe151bfba315689624afc5145f1e8859bba92da33d
10ee8f3e532d9a8724115443764ebcd909ba09e78576b581eb63a3178e612c8a
1369787835af869aff7b52ee93d7a13b1f92b3492e9a1f0bf03e32c41d5780e2
13d856669dc58286db20494f69beb7ad68923c4b5e5efb0b12aef8914c5d5151
228e9dd4e078fe52e43b810921090514479dc64e7a5f49adf088a8db9324ec6f
25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4
2655b07df11c02a7f6625c88a67fd24d543e2e0e9a1589e971bcc9beadccdb97
28410b7bcdf8824fa405fe091d2f401c5b71e36ee5e431dc6a944cc22464de0c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
396b648d43188cce8b04129d6084ef3581feecde5d7248f6b15621947d57c2f6
3a2dc48b027244be03aea9d09e5dac58aea28fb443895e9204655d48e19e6919
3cdb3d4bd2db19e7cfa2aec8e99af2f61e0ab76c15acc87df782cc231dda1b83
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
46d5ada7d42ccd1d918e9097eb2e58f0fbb8d7ebf230bff43fee1946c669fde7
47144a0573fd43c15fab572af19d528f172a2fa10ab3bad01d21637960e3ab0c
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
4868ffa8d2a8480924783231b35f45bfb6fcafa6cdf488ed2aa30b4e7e908f8c
498288a8a7c75ee136fca9a5f1e6d2b5c451db4591d91418abfc16d2cfb67724
4bcf3c2230edf577fc97c406b9f305c017cc210f987d4583e28a384af6dd987e
4e77b5b69c7832c8071887145673e6780e18ded026b287adca8e771d808decf5
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c
537adc53974c39d0a408e195d31100c7363c001637169fa6c7b8d5aefdc7660d
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55a98806236626e3afbf5a67adcb17592cb432c5edf561edcdd536b34794c0c9
599411752c0cbc0680d552dce5faeda913b91f9e4879eed770533c30395a0ca7
5ab8a6d729d40258c07b55b51f4ee107727ac32c83f2475f875ad48cd0dcee9e
5f298c5f7b81a280b862dbf20a96c7bc4a5956bb3681180b27a505895da08291
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cf464237e4c62be872fce494af1a1b80311ee522863819958f48df79eb7808
6847fba5c78232ebd70ccc160948b4290b21425ca15970e4fab8cd7b17148c73
6bf9147cacfc95ee35e513b6ceb20fd2ba12f9b880d54b5e80697c097e60ed44
733714607acfa84239ae2242f87f105f82ca50b77ad89ab5063f6280bbae1d47
749532b47faa826b6001b06da2e4085a3118525b9c9164fd0aa10e9944b9967a
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
776caf23f2dd61692e8bf8ec85e98407dcdf172758472b2166b12e659853e098
77d21237f69d3e5ef999991673a971d7b01aa4a246280c31bcdba951b9efe6b9
816e92d1f0edbecbf8114c896056af798497ea6c477d3db33c659cd931ed30cb
838478d625f1201ef42210a07b0a252919587d9e0aaa79c25dc47409e58f611f
84b871d5eb4a2dcc2a79dcddc492dfda7e095066914ef8e7fd481c2a31ffa9c8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89af7a7549ceee25d5637cdc5c2ecfb1740489f78344636fb298d97f10d43abd
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
9c068a865a7c0af3d84d26f43104ed3288d3e476a900691a7c37076534bf8e58
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
a2f9715182c9ec076818f9f7c3291f1d03da74d0edf4a12f7c69d62fa65481dc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52e781c2a4db6781cc86beebc89d121a183b8a48dac796eca08de3b4c0b3260
a5a177c215b89cccf0a6dc99c27e896853a287f0e822ff64682fe36a8e16d405
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf
b86d7688284b356fc73bf814453d2e5f81c3e42403967512a7b51516bb436892
c1af62cdf1f4e8fc4d90e9111efba5d616ab38f1ba50df1edfd180dc47051828
c318714f0ec6a40faa4c30ae5c6beb71661d82568f18565219bfb1550224462f
c32886a5d00d2b4761daaa1cabb05eb082e41eb34943699ea64da7b27a8518a4
c3ddaa5eecec0e0081656dd442d14e03fcd302b4400d8b8af9e62d25b27a68b7
c406a9b6bbf5c1d7a070ca7d6d7c579cb57bacfd8b47c30f9598de88833937bd
c6b16c1f0ed9249a4c2c2da6b7ebc2e25aef5998ddb8b311e312a9cfe20247b4
c773b91e26daea237aa7ca4b8319ef795589bc46983732ec485694138a95a384
d3a7933ceea5975f066f9787abf8b060585444d1cb6bf8d8d6993e8421cbe405
daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb
dd0ec7f0f8417e2c61c2b9d212af97be19f46b25e1a29c1a7e6737d25103917a
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5affe49e837dec948b4359f57cb53fc5531d24951c986b66feb6c4155e35791
e6776a7594a2024babdfe16f8085fb1b252f1abee124c62649765fb362aaa7d0
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e922c29650768eee04e952c7b49e2c80d181ae7d4c00044a18191936093cfd6a
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ebab5a63c938ec55a25f263fee1d67b667b14afc19c6178aaf19a3b2f5724542
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c6f20553ff54fca6c9488f9a00538aace518a80cccf750cdc703654b1a292e
f1f12216b8d744cd13ba418207fa624ede6557b891760355f09d2869c861e416
f449d1503fabfc8367b7e1698ae3d62c4a5b4c1cd88fe05d0b00881d6fcbb0c8
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5d33843676c056c526519807e3b3a50fce4b3b1d28a3e496e211d281be7e2bb
f6e6967c12c98373a9bf1252d3491517032f8cfd9cd203885eb274df35180f1f
f8c911058e8c282bc63fa4d56f94dec086ec285897ae30a004ee2530bb579723
fc1d94f50dd3822e1e53cb96af4f040d2ad8b5c7b984bae5e84efc7641acfada
fe33791d0ed4232d5f276eb5d3ee5b844128c79cd09722b338e43abed2695b26
ff49ef60cf91b017a1b745c0fd09acce50a695fd20aa0f27a3a60f274c19ad41

www.zdrave.net Open in urlscan Pro 193.107.36.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

103 Requests

97 %HTTPS

95 %IPv6

14 Domains

23 Subdomains

23 IPs

4 Countries

1605 kBTransfer

3050 kBSize

8 Cookies

12 Outgoing links

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.zdrave.net Open in urlscan Pro
193.107.36.30 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

97 %
HTTPS

95 %
IPv6

14
Domains

23
Subdomains

23
IPs

4
Countries

1605 kB
Transfer

3050 kB
Size

8
Cookies

103 HTTP transactions
2 data transactions