urlscan.io logo urlscan.io
SecurityTrails logo

zdorovia.com.ua Open in urlscan Pro
91.210.190.92  Public Scan

Go To Rescan Add Verdict Report
URL: http://zdorovia.com.ua/
Submission: On September 11 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 86 IPs in 17 countries across 84 domains to perform 572 HTTP transactions. The main IP is 91.210.190.92, located in Ukraine and belongs to AS-EKVIA, UA. The main domain is zdorovia.com.ua.
This is the only time zdorovia.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
56 91.210.190.92 48440 (AS-EKVIA)
1 2a00:1450:400... 15169 (GOOGLE)
16 2a03:90c0:41:... 199524 (GCORE)
2 104.18.3.81 13335 (CLOUDFLAR...)
2 4 88.212.201.204 39134 (UNITEDNET)
2 2a00:1450:400... 15169 (GOOGLE)
5 27 51.83.220.94 16276 (OVH)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 1 193.239.68.97 39468 (BIGMIR-IN...)
1 193.239.71.100 39468 (BIGMIR-IN...)
1 2a03:2880:f08... 32934 (FACEBOOK)
1 1 2a00:1450:400... 15169 (GOOGLE)
4 13 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 18 146.0.227.109 20773 (GODADDY)
13 146.0.227.107 29066 (VELIANET-...)
5 77.123.132.26 35680 (VOLIA)
4 198.47.127.18 3257 (GTT-BACKB...)
8 13 185.89.210.153 29990 (ASN-APPNEX)
1 3 185.184.8.90 204995 (RTB-HOUSE...)
1 2 37.157.4.39 198622 (ADFORM)
1 2a02:2638:1::3 44788 (ASN-CRITE...)
1 13 185.172.90.251 49981 (WORLDSTREAM)
4 2a0c:5c81:512... 55081 (24SHELLS)
10 51.75.86.98 16276 (OVH)
1 3 194.247.175.19 196831 (BEMOBILE-AS)
2 2 188.42.191.196 7979 (SERVERS-COM)
4 8.2.110.114 46636 (NATCOWEB)
3 2a0c:5c81:514... 55081 (24SHELLS)
2 8.2.110.206 46636 (NATCOWEB)
1 183.110.238.136 4766 (KIXS-AS-K...)
7 7 35.158.39.190 16509 (AMAZON-02)
1 1 37.157.3.28 198622 (ADFORM)
2 193.200.65.6 6681 (GIVEME-CLOUD)
1 2 116.202.236.172 24940 (HETZNER-AS)
2 82.145.213.8 39832 (NO-OPERA)
3 5 104.18.18.126 13335 (CLOUDFLAR...)
1 104.18.19.126 13335 (CLOUDFLAR...)
2 2 3.126.56.137 16509 (AMAZON-02)
4 216.52.2.30 32475 (SINGLEHOP...)
2 83.222.114.189 42632 (MNOGOBYTE...)
3 3 199.115.119.227 30633 (LEASEWEB-...)
1 1 168.119.168.187 24940 (HETZNER-AS)
2 2 54.229.65.185 16509 (AMAZON-02)
59 2a00:1450:400... 15169 (GOOGLE)
9 25 34.200.207.25 14618 (AMAZON-AES)
12 185.172.90.250 49981 (WORLDSTREAM)
6 6 23.75.240.210 16625 (AKAMAI-AS)
12 23.205.235.133 16625 (AKAMAI-AS)
4 205.234.175.175 30081 (CACHENETW...)
2 29 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
4 20 62.149.1.122 15497 (COLOCALL ...)
4 88.221.168.201 16625 (AKAMAI-AS)
2 67.202.105.31 32748 (STEADFAST)
2 3 35.227.252.103 15169 (GOOGLE)
2 2 3.127.154.94 16509 (AMAZON-02)
3 3 213.19.147.45 3356 (LEVEL3)
4 35.71.131.137 16509 (AMAZON-02)
6 2a02:6ea0:c70... 60068 (CDN77 ^_^)
6 178.250.0.165 44788 (ASN-CRITE...)
8 23 142.250.184.226 15169 (GOOGLE)
4 6 35.227.248.159 15169 (GOOGLE)
4 6 37.157.3.29 198622 (ADFORM)
2 2a04:4e42:200... 54113 (FASTLY)
2 2600:1f18:659... 14618 (AMAZON-AES)
5 185.64.190.78 62713 (AS-PUBMATIC)
4 4 2a05:d018:24:... 16509 (AMAZON-02)
4 4 52.213.133.86 16509 (AMAZON-02)
2 54.78.254.47 16509 (AMAZON-02)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
4 4 34.111.131.239 15169 (GOOGLE)
4 4 185.86.137.132 201081 (SMARTADSE...)
4 8 52.213.127.205 16509 (AMAZON-02)
2 2 212.82.100.182 34010 (YAHOO-IRD)
2 2 54.171.98.27 16509 (AMAZON-02)
3 34.98.67.61 15169 (GOOGLE)
4 52.18.211.80 16509 (AMAZON-02)
2 162.55.236.225 24940 (HETZNER-AS)
3 4 151.101.130.49 54113 (FASTLY)
2 13.32.99.43 16509 (AMAZON-02)
2 2 3.231.177.24 14618 (AMAZON-AES)
2 4 52.95.126.138 16509 (AMAZON-02)
2 4 69.192.160.219 16625 (AKAMAI-AS)
4 4 54.229.14.30 16509 (AMAZON-02)
2 6 69.173.144.139 26667 (RUBICONPR...)
6 69.173.144.165 26667 (RUBICONPR...)
24 2a00:1450:400... 15169 (GOOGLE)
8 13.225.78.37 16509 (AMAZON-02)
4 51.15.145.116 12876 (Online SAS)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
47 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 158.69.139.225 16276 (OVH)
2 2 37.157.4.41 198622 (ADFORM)
4 3.127.178.105 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 51.89.99.21 16276 (OVH)
2 2 52.48.82.83 16509 (AMAZON-02)
2 2 35.244.174.68 15169 (GOOGLE)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
4 172.217.18.98 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
1 178.250.2.146 44788 (ASN-CRITE...)
572 86
56    91.210.190.92 (Ukraine)

ASN48440 (AS-EKVIA, UA)
PTR: internetmedia.ua
zdorovia.com.ua
nashamama.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
16    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
scripts.go2net.com.ua
cdn.admixer.net
2    104.18.3.81 (None, )

ASN13335 (CLOUDFLARENET, US)
i.i.ua
r.i.ua
4    88.212.201.204 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru
counter.yadro.ru
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
27    51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro
a4p.adpartner.pro
3    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a03:2880:f173:81:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net
c.bigmir.net
1    193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua
i.bigmir.net
1    2a03:2880:f080:9:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net
1    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
13    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
18    146.0.227.109 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
13    146.0.227.107 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
ads.go2net.com.ua
5    77.123.132.26 (Kyiv, Ukraine)

ASN35680 (VOLIA, UA)
PTR: 26.132.123.77.colo.static.dcvolia.com
file.adpartner.pro
4    198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
13    185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    37.157.4.39 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
13    185.172.90.251 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-plannning.net
ads.us.e-planning.net
u-ams03.e-planning.net
4    2a0c:5c81:5126:0:ae1f:6bff:fec1:ad72 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
10    51.75.86.98 (Istanbul, Turkey)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
3    194.247.175.19 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
pa.tns-ua.com
2    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
4    8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
3    2a0c:5c81:5149:0:c634:6bff:fefd:5008 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
2    8.2.110.206 (United States)

ASN46636 (NATCOWEB, US)
cs.mobfox.com
1    183.110.238.136 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)
idsync.admixer.co.kr
7    35.158.39.190 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-39-190.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team
m.trafmag.com
2    116.202.236.172 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.172.236.202.116.clients.your-server.de
exchange.buzzoola.com
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
5    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
r.casalemedia.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    83.222.114.189 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)
rtb.com.ru
3    199.115.119.227 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.lemmatechnologies.com
1    168.119.168.187 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.187.168.119.168.clients.your-server.de
bidswitch-eu.splicky.com
2    54.229.65.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-65-185.eu-west-1.compute.amazonaws.com
ads.avct.cloud
59    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
25    34.200.207.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-207-25.compute-1.amazonaws.com
a.audrte.com
12    185.172.90.250 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: s.e-planning.net
s.e-planning.net
6    23.75.240.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
12    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
29    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    2606:4700::6813:ad6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
20    62.149.1.122 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
sync.adtelligent.com
sync.console.adtarget.com.tr
4    88.221.168.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
ic.tynt.com
3    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    3.127.154.94 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-154-94.eu-central-1.compute.amazonaws.com
ad.360yield.com
3    213.19.147.45 (Beverwijk, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
4    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
6    2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
6    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
23    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
partner.googleadservices.com
6    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
6    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
2    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
2    2600:1f18:6593:f602:82a0:df8e:67ea:6e72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
5    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    2a05:d018:24:b002:4b1d:b4d8:d7a1:7bd5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
4    52.213.133.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-133-86.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
2    85.114.159.118 (Waldshut-Tiengen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
4    34.111.131.239 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
8    52.213.127.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
2    54.171.98.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-98-27.eu-west-1.compute.amazonaws.com
aa.agkn.com
3    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
4    52.18.211.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-211-80.eu-west-1.compute.amazonaws.com
beacon.krxd.net
2    162.55.236.225 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.225.236.55.162.clients.your-server.de
sync.richaudience.com
4    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    13.32.99.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-43.fra60.r.cloudfront.net
engine.widespace.com
2    3.231.177.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-177-24.compute-1.amazonaws.com
usermatch.krxd.net
4    52.95.126.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
tags.bluekai.com
e.dlx.addthis.com
4    54.229.14.30 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-14-30.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
6    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
pixel-eu.rubiconproject.com
6    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
24    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.co.uk
8    13.225.78.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-37.fra2.r.cloudfront.net
tags.crwdcntrl.net
4    51.15.145.116 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-15-145-116.rev.poneytelecom.eu
js.cookieless-data.com
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
6    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
47    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    158.69.139.225 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip225.ip-158-69-139.net
e.dtscout.com
2    37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
4    3.127.178.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
ps.eyeota.net
4    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    51.89.99.21 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ns3163187.ip-51-89-99.eu
t.dtscout.com
2    52.48.82.83 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-82-83.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    2a05:d01c:1d8:8101:fce4:7d96:66d4:9311 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
9    2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
Apex Domain
Subdomains		 Transfer
106 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
2 MB
53 zdorovia.com.ua
zdorovia.com.ua
1 MB
45 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 188
cm.g.doubleclick.net — Cisco Umbrella Rank: 303
googleads.g.doubleclick.net — Cisco Umbrella Rank: 73
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 373
202 KB
32 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 12294
file.adpartner.pro — Cisco Umbrella Rank: 211512
61 KB
31 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 36718
inv-nets.admixer.net — Cisco Umbrella Rank: 3544
244 KB
30 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1365
eus.rubiconproject.com — Cisco Umbrella Rank: 840
pixel.rubiconproject.com — Cisco Umbrella Rank: 494
token.rubiconproject.com — Cisco Umbrella Rank: 1115
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 3032
66 KB
29 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 2852
mwzeom.zeotap.com — Cisco Umbrella Rank: 2511
9 KB
29 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 7606
u-ams03.e-planning.net — Cisco Umbrella Rank: 321060
s.e-planning.net — Cisco Umbrella Rank: 10459
i.e-planning.net — Cisco Umbrella Rank: 11359
15 KB
25 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2892
23 KB
20 adtelligent.com
s.adtelligent.com — Cisco Umbrella Rank: 5516
sync.adtelligent.com — Cisco Umbrella Rank: 6001
11 KB
19 google.com
www.google.com — Cisco Umbrella Rank: 19
adservice.google.com — Cisco Umbrella Rank: 142
5 KB
16 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1142
tags.crwdcntrl.net — Cisco Umbrella Rank: 1654
67 KB
16 go2net.com.ua
scripts.go2net.com.ua — Cisco Umbrella Rank: 587599
ads.go2net.com.ua — Cisco Umbrella Rank: 165636
175 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 329
10 KB
13 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 928
ads.pubmatic.com — Cisco Umbrella Rank: 713
image6.pubmatic.com — Cisco Umbrella Rank: 891
24 KB
11 adform.net
adx.adform.net — Cisco Umbrella Rank: 3113
c1.adform.net — Cisco Umbrella Rank: 1015
dmp.adform.net — Cisco Umbrella Rank: 5535
cm.adform.net — Cisco Umbrella Rank: 2156
4 KB
10 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1117
9 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 350
197 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 834
gum.criteo.com — Cisco Umbrella Rank: 458
mug.criteo.com — Cisco Umbrella Rank: 1814
9 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 420
3 KB
7 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 21954
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 18728
3 KB
7 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 2371
adservice.google.co.uk — Cisco Umbrella Rank: 3503
2 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 234
263 KB
6 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 949
pixel.everesttech.net — Cisco Umbrella Rank: 5042
2 KB
6 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 741
usermatch.krxd.net — Cisco Umbrella Rank: 1847
2 KB
6 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 757
1 KB
6 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 7089
70 KB
6 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 709
r.casalemedia.com — Cisco Umbrella Rank: 1020
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 904
5 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
71 KB
4 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1452
5 KB
4 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 10761
2 KB
4 imrworldwide.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com — Cisco Umbrella Rank: 48103
855 B
4 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1274
3 KB
4 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 2430
2 KB
4 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 28350
1 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 297
4 KB
4 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 2044
1 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 486
1 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 872
1 KB
4 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 419
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1694
2 KB
4 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 8635
516 B
4 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 5584
3 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 972
739 B
3 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1463
523 B
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 807
2 KB
3 openx.net
rtb.openx.net — Cisco Umbrella Rank: 2282
597 B
3 lemmatechnologies.com
sync.lemmatechnologies.com — Cisco Umbrella Rank: 10441
1 KB
3 tns-ua.com
pa.tns-ua.com — Cisco Umbrella Rank: 113469
640 B
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 811
921 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
37 KB
3 nashamama.com
nashamama.com
40 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 480
fonts.googleapis.com — Cisco Umbrella Rank: 120
32 KB
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 3095
1 KB
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 885
577 B
2 dtscout.com
e.dtscout.com — Cisco Umbrella Rank: 11095
t.dtscout.com — Cisco Umbrella Rank: 9418
4 KB
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 767
290 B
2 widespace.com
engine.widespace.com — Cisco Umbrella Rank: 75870
413 B
2 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 3036
717 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 775
1 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2152
1 KB
2 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 9079
648 B
2 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 17009
822 B
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 918
222 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 848
656 B
2 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 5291
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 4500
888 B
2 com.ru
rtb.com.ru — Cisco Umbrella Rank: 23317
220 B
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 3482
837 B
2 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 12727
543 B
2 trafmag.com
m.trafmag.com — Cisco Umbrella Rank: 69314
702 B
2 mobfox.com
cs.mobfox.com — Cisco Umbrella Rank: 10970
1020 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2690
1 KB
2 bigmir.net
c.bigmir.net — Cisco Umbrella Rank: 105128
i.bigmir.net — Cisco Umbrella Rank: 221580
1 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 91
54 KB
2 i.ua
i.i.ua — Cisco Umbrella Rank: 342116
r.i.ua — Cisco Umbrella Rank: 125360
4 KB
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1531
464 B
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 2085
296 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1389
320 B
1 splicky.com
bidswitch-eu.splicky.com — Cisco Umbrella Rank: 26029
219 B
1 admixer.co.kr
idsync.admixer.co.kr — Cisco Umbrella Rank: 15747
904 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 782
40 KB
1 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 582
6 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 111
9 KB
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
572 84
Domain Requested by
59 pagead2.googlesyndication.com cdn.admixer.net
file.adpartner.pro
pagead2.googlesyndication.com
googleads.g.doubleclick.net
zdorovia.com.ua
tpc.googlesyndication.com
www.googletagservices.com
53 zdorovia.com.ua zdorovia.com.ua
47 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
zdorovia.com.ua
27 a4p.adpartner.pro 5 redirects zdorovia.com.ua
a4p.adpartner.pro
25 mwzeom.zeotap.com 2 redirects spl.zeotap.com
25 a.audrte.com 9 redirects ads.us.e-planning.net
a.audrte.com
zdorovia.com.ua
20 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
zdorovia.com.ua
20 cm.g.doubleclick.net 8 redirects spl.zeotap.com
zdorovia.com.ua
googleads.g.doubleclick.net
18 inv-nets.admixer.net 2 redirects cdn.admixer.net
zdorovia.com.ua
ads.us.e-planning.net
16 sync.adtelligent.com 2 redirects s.adtelligent.com
ads.us.e-planning.net
s.console.adtarget.com.tr
13 ib.adnxs.com 8 redirects zdorovia.com.ua
spl.zeotap.com
cdn.admixer.net
googleads.g.doubleclick.net
13 ads.go2net.com.ua cdn.admixer.net
zdorovia.com.ua
13 www.google.com 4 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
13 cdn.admixer.net zdorovia.com.ua
cdn.admixer.net
scripts.go2net.com.ua
12 eus.rubiconproject.com ads.us.e-planning.net
s.adtelligent.com
eus.rubiconproject.com
12 s.e-planning.net ads.us.e-planning.net
10 onetag-sys.com ads.go2net.com.ua
ads.us.e-planning.net
s.adtelligent.com
9 s0.2mdn.net zdorovia.com.ua
googleads.g.doubleclick.net
s0.2mdn.net
8 tags.crwdcntrl.net s.e-planning.net
tags.crwdcntrl.net
8 bcp.crwdcntrl.net 4 redirects tags.crwdcntrl.net
8 u-ams03.e-planning.net ads.us.e-planning.net
vid.vidoomy.com
7 x.bidswitch.net 7 redirects
6 www.googletagservices.com googleads.g.doubleclick.net
6 adservice.google.com pagead2.googlesyndication.com
6 adservice.google.co.uk pagead2.googlesyndication.com
6 token.rubiconproject.com eus.rubiconproject.com
6 dmp.adform.net 4 redirects spl.zeotap.com
6 pixel.tapad.com 4 redirects spl.zeotap.com
6 bidder.criteo.com static.criteo.net
6 vid.vidoomy.com s.adtelligent.com
ads.us.e-planning.net
6 secure-assets.rubiconproject.com 6 redirects
5 pixel.rubiconproject.com 2 redirects spl.zeotap.com
eus.rubiconproject.com
5 image6.pubmatic.com spl.zeotap.com
ads.pubmatic.com
googleads.g.doubleclick.net
5 ads.us.e-planning.net 1 redirects ads.go2net.com.ua
s.adtelligent.com
5 file.adpartner.pro zdorovia.com.ua
a4p.adpartner.pro
4 googleads4.g.doubleclick.net googleads.g.doubleclick.net
zdorovia.com.ua
4 fonts.gstatic.com fonts.googleapis.com
4 ps.eyeota.net zdorovia.com.ua
a.audrte.com
s.adtelligent.com
4 sync.console.adtarget.com.tr 2 redirects s.console.adtarget.com.tr
4 js.cookieless-data.com s.e-planning.net
4 obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com 4 redirects
4 aax-eu.amazon-adsystem.com 2 redirects spl.zeotap.com
4 sync-tm.everesttech.net 3 redirects spl.zeotap.com
4 beacon.krxd.net spl.zeotap.com
4 sync.smartadserver.com 4 redirects
4 idsync.frontend.weborama.fr 4 redirects
4 dpm.demdex.net 4 redirects
4 sync.tidaltv.com 4 redirects
4 match.adsrvr.org s.adtelligent.com
spl.zeotap.com
4 ads.pubmatic.com s.adtelligent.com
4 spl.zeotap.com ads.us.e-planning.net
4 i.e-planning.net ads.us.e-planning.net
4 ap.lijit.com zdorovia.com.ua
s.adtelligent.com
4 us.ck-ie.com zdorovia.com.ua
4 s.adtelligent.com ads.go2net.com.ua
s.adtelligent.com
4 image8.pubmatic.com zdorovia.com.ua
4 counter.yadro.ru 2 redirects zdorovia.com.ua
3 dsum-sec.casalemedia.com 1 redirects googleads.g.doubleclick.net
3 partner.googleadservices.com pagead2.googlesyndication.com
3 odr.mookie1.com spl.zeotap.com
googleads.g.doubleclick.net
3 sync.1rx.io 3 redirects
3 rtb.openx.net 2 redirects googleads.g.doubleclick.net
3 sync.lemmatechnologies.com 3 redirects
3 s.console.adtarget.com.tr zdorovia.com.ua
s.adtelligent.com
3 pa.tns-ua.com 1 redirects zdorovia.com.ua
cdn.admixer.net
3 creativecdn.com 1 redirects zdorovia.com.ua
cdn.admixer.net
3 www.google-analytics.com 1 redirects zdorovia.com.ua
a4p.adpartner.pro
3 nashamama.com zdorovia.com.ua
3 scripts.go2net.com.ua zdorovia.com.ua
cdn.admixer.net
scripts.go2net.com.ua
2 gum.criteo.com 1 redirects static.criteo.net
2 e.dlx.addthis.com 2 redirects
2 id.rlcdn.com 2 redirects
2 pixel.everesttech.net 2 redirects
2 cm.adform.net 2 redirects
2 fonts.googleapis.com googleads.g.doubleclick.net
s0.2mdn.net
2 tags.bluekai.com spl.zeotap.com
2 usermatch.krxd.net 2 redirects
2 engine.widespace.com spl.zeotap.com
2 sync.richaudience.com spl.zeotap.com
2 aa.agkn.com 2 redirects
2 cms.analytics.yahoo.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 loadeu.exelator.com spl.zeotap.com
2 dmp.v.fwmrm.net spl.zeotap.com
2 trc.taboola.com spl.zeotap.com
2 ad.360yield.com 2 redirects
2 ic.tynt.com s.adtelligent.com
2 ads.avct.cloud 2 redirects
2 rtb.com.ru zdorovia.com.ua
2 ups.analytics.yahoo.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 t.adx.opera.com zdorovia.com.ua
cdn.admixer.net
2 exchange.buzzoola.com 1 redirects zdorovia.com.ua
2 m.trafmag.com zdorovia.com.ua
2 cs.mobfox.com zdorovia.com.ua
cdn.admixer.net
2 ads.betweendigital.com 2 redirects
2 adx.adform.net 1 redirects zdorovia.com.ua
2 www.youtube.com zdorovia.com.ua
www.youtube.com
1 mug.criteo.com
1 cms.quantserve.com googleads.g.doubleclick.net
1 ag.innovid.com googleads.g.doubleclick.net
1 t.dtscout.com e.dtscout.com
1 e.dtscout.com s.e-planning.net
1 www.gstatic.com googleads.g.doubleclick.net
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 csync.loopme.me 1 redirects
1 bidswitch-eu.splicky.com 1 redirects
1 r.casalemedia.com zdorovia.com.ua
1 c1.adform.net 1 redirects
1 idsync.admixer.co.kr zdorovia.com.ua
1 static.criteo.net cdn.admixer.net
1 www.google.co.uk zdorovia.com.ua
1 stats.g.doubleclick.net 1 redirects
1 static.xx.fbcdn.net www.facebook.com
1 i.bigmir.net zdorovia.com.ua
1 c.bigmir.net 1 redirects
1 www.facebook.com zdorovia.com.ua
1 r.i.ua zdorovia.com.ua
1 i.i.ua zdorovia.com.ua
1 ajax.googleapis.com zdorovia.com.ua
0 googlecm.hit.gemius.pl Failed googleads.g.doubleclick.net
572 121

This site contains links to these domains. Also see Links.

Domain
vk.com
www.facebook.com
twitter.com
www.bigmir.net
www.i.ua
www.liveinternet.ru
Subject Issuer Validity Valid
*.go2net.com.ua
Sectigo RSA Domain Validation Secure Server CA		 2021-11-15 -
2022-12-05		 a year crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA		 2022-06-08 -
2023-06-21		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-20 -
2022-09-18		 3 months crt.sh
adpartner.pro
R3		 2022-09-04 -
2022-12-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
ads.us.e-planning.net
R3		 2022-07-12 -
2022-10-10		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-07-31 -
2022-10-29		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2021-11-12 -
2022-12-14		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-07-27 -
2022-10-25		 3 months crt.sh
*.mobfox.com
R3		 2022-06-28 -
2022-09-26		 3 months crt.sh
*.admixer.co.kr
GeoTrust RSA CA 2018		 2022-04-29 -
2023-05-01		 a year crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-14 -
2023-06-14		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
rtb.com.ru
R3		 2022-08-12 -
2022-11-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.audrte.com
Amazon		 2022-02-24 -
2023-03-24		 a year crt.sh
*.e-planning.net
R3		 2022-07-25 -
2022-10-23		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2022-02-23 -
2023-02-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-04 -
2023-06-03		 a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-07-28 -
2022-10-26		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-10		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
widespace.com
Amazon		 2022-02-23 -
2023-03-24		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
juke.mmi.tns-ua.com
R3		 2022-07-19 -
2022-10-17		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.cookieless-data.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-23 -
2023-03-22		 a year crt.sh
*.google.co.uk
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.dtscout.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-28 -
2022-11-27		 a year crt.sh
sync.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-07-26 -
2022-10-24		 3 months crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2022-03-18 -
2023-03-18		 a year crt.sh
*.innovid.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-15 -
2023-04-15		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh

This page contains 124 frames:

Primary Page: http://zdorovia.com.ua/
Frame ID: 50A4DFCD73AEF75157661397C0673502
Requests: 143 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Frame ID: 7CC30CEDE4D077176DF66466E1E61C6E
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=c3d58b95-d5ec-43e4-9247-1f14712497c1&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Frame ID: C986B098D7184CBC09796042091D4CA1
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=34360240315586376&apuid=c258bbdd-272f-4551-b560-ae15395fcb10&session_pageview=1&session_id=c3d58b95-d5ec-43e4-9247-1f14712497c1&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 986697DEF4247D320ACB0D9B47A07D82
Requests: 3 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Frame ID: D2E1495E5CC8B9922B4B1D858E6C92AC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Frame ID: 1878887B189E9152047CFAB3B46D2790
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522c258bbdd-272f-4551-b560-ae15395fcb10%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25220cea86eb-d8e2-45fc-ae58-0791dedb3f9a%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25220cea86eb-d8e2-45fc-ae58-0791dedb3f9a%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Frame ID: A7D57AEC5C6B99E355CDCECE3D19691B
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: A422931743893D3701BDE3551BE26795
Requests: 8 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=707176
Frame ID: 5A9637709961FCB479ACB5164ABB6F98
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: 314B167C1DD4E5D3840DD04CDC640B1C
Requests: 1 HTTP requests in this frame

Frame: https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_34360240315586376&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D77a2724d956f31dbc21c89e7cf9c9800
Frame ID: 7DABBE8A1B8A3F174D28823FFF6F1C6F
Requests: 9 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522c258bbdd-272f-4551-b560-ae15395fcb10%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25220cea86eb-d8e2-45fc-ae58-0791dedb3f9a%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25220cea86eb-d8e2-45fc-ae58-0791dedb3f9a%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Frame ID: BA44EFC7B90678E14794CE4A76025F59
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522c258bbdd-272f-4551-b560-ae15395fcb10%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25220cea86eb-d8e2-45fc-ae58-0791dedb3f9a%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25220cea86eb-d8e2-45fc-ae58-0791dedb3f9a%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Frame ID: 76399C888866C7A01D51B4D54900199D
Requests: 1 HTTP requests in this frame

Frame: https://scripts.go2net.com.ua/scripts3/loader2.js
Frame ID: 9A607C4193BEF42515589A8C013CB5F8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: F1AAF95CF124656B1487FA110046509E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 8FF8FB69BBEABF2D876C23BA188C7D9B
Requests: 8 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Frame ID: 1DC092720D315C1C03B192EC93EE7623
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: C13AFF20541420055382F6177D001DDE
Requests: 3 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 740B747211273837B64F369BDF8EAC7E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 50230C040A1EEC6068F3922B64F0516B
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 66A8B22BF92CFBFC73F4864FEFA1A66D
Requests: 29 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: CA4F90B1FF60D48C3A25A766665F62C3
Requests: 8 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=ccf96e1a-2078-49ff-887c-a269928c2859
Frame ID: 407F67AE09B558158B51689E3A57F0DF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 3E89510B8D9279D111640F426D0E9910
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 15623612FAB558F5F99CAFAAB88C2D81
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 27589D5EBDA8841AB7934B979CA3FCA3
Requests: 2 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 49C62BA48369FBC56D1EBBA236B7BB16
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 7199730B447855987CEE4B71BA0035C6
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: C5B0FE7BB2AD706856DFC4E134092AC5
Requests: 4 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: D812D987C7DC934D519FBA1C7E4A16D4
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 7DAD67609F8DB3362D2F4DA19A50092E
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: C06A9CA84C092CDBBF6341BE497634DF
Requests: 29 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: 216C0E1F65EDE43A2D6C4E45312D1466
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 0B78A08BAE8804438AA8CC72FC44F14D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: 2C2788EC7682277AB9F67A48CAB8CD8E
Requests: 4 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Frame ID: BEE99BD916BA85CD4DD79A38ACB89115
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: F5E886D320F1C8B9E324BA7388138CD2
Requests: 9 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Frame ID: 7DB2E4827AA56AECF3E60C5F95250291
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=2&session_id=c3d58b95-d5ec-43e4-9247-1f14712497c1&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 582BD693A28E8FE7D7F335A699ABB001
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=c258bbdd-272f-4551-b560-ae15395fcb10&session_pageview=2&session_id=c3d58b95-d5ec-43e4-9247-1f14712497c1&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 0498059527C596A34AE4945FC9EB51E9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/zrt_lookup.html
Frame ID: FA998B70BEACA3FB640B25B14652BFE6
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Frame ID: 783766B78793F4BE8A626720E23ED73E
Requests: 4 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: BDA0A043702F3A37A29158FA3BAB3024
Requests: 2 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=1b32227e1595abe2&uid=f480e52263601e65ea80c40c597af449
Frame ID: ED261D8A60F607111FF385BFFAB410D2
Requests: 2 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AFw5CxjiqiN3b7ID
Frame ID: 56899CDE8B97F7266310AA3CE4C3FF34
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Frame ID: 00EACDDB01A0F9AFF2D762083A1A00E6
Requests: 4 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: B3B0646A1C52AF019578DFB5677CC160
Requests: 2 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=1b32227e1595abe2&uid=f66c2b0869940a26a878505394b8e720
Frame ID: F068ECB71C73C134C03A822D3E36B720
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AFw5CxjiqiN3b7ID
Frame ID: 849425830D662675AAFA20193ADEA9C0
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Frame ID: DCC477B138D7770819B81BDC33CD44E9
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=707176
Frame ID: DFFF908D46E4ECCA98C782C417821837
Requests: 5 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: 266AA4741D17F867DDCDA08616F79999
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: 8DE75A857A28E311A930478B5EF4E0CF
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112158&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_34360240315586376%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D77a2724d956f31dbc21c89e7cf9c9800&wgl=1&dt=1662872607049&bpp=13&bdt=359&idt=396&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=3769811681476&frm=22&ife=1&pv=2&ga_vid=259048582.1662872607&ga_sid=1662872607&ga_hid=1353646800&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2635988689&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069177&oid=2&pvsid=1202049663548947&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.q5qnulrrvabp&fsb=1&xpc=45mM4ZmRsU&p=https%3A//file.adpartner.pro&dtd=412
Frame ID: 24A2A643994C8CC84E8EA9B0651127EE
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958785&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_34360240315586376%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D77a2724d956f31dbc21c89e7cf9c9800&wgl=1&dt=1662872607068&bpp=2&bdt=377&idt=418&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=3769811681476&frm=22&ife=1&pv=1&ga_vid=259048582.1662872607&ga_sid=1662872607&ga_hid=1353646800&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2635988689&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069177&oid=2&pvsid=1202049663548947&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.13hv8b4d75bi&fsb=1&xpc=0eVxkv4WDp&p=https%3A//file.adpartner.pro&dtd=423
Frame ID: 004B1BBE8CD581119AAEFBCBADD32E9F
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1662872607&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607219&bpp=3&bdt=563&idt=283&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=2&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=389783505&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31069448&oid=2&pvsid=3398602431255708&tmod=422649564&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.iit81nfu3o5i&fsb=1&dtd=296
Frame ID: 30D1BD2F7F3ACD79CF1A3BAE203F1817
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: EA0E65F8EF9A074BBADD9F223EDEB98F
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 0A5D7B72666FA7592608D1D1C0E3D436
Requests: 9 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 3E31D90316041C01410EA832269A8700
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 104ADC6F30887CCFC5DFD8AEC454BD8B
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 3ACD8165906C1CF12C375582CA15CCC7
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: E18E1D7375E095B565C57A2F3673035A
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: 3B0474D2C68BFA197C46C9C588820440
Requests: 3 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 1AA08F09DD63592CD717AAF44693EA09
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: E448E80F1269B06CF7ECBB0C741BE18E
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 517C7FAF260E222C9EADCBB0B5381E7B
Requests: 2 HTTP requests in this frame

Frame: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2Fef92dcff-d21e-41da-b1cb-139f39f972fc%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA3LCJzaG93X2lkIjoiZWY5MmRjZmYtZDIxZS00MWRhLWIxY2ItMTM5ZjM5Zjk3MmZjIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Dd29386fba55598080f523e0953544562&showId=ef92dcff-d21e-41da-b1cb-139f39f972fc&apuid=c258bbdd-272f-4551-b560-ae15395fcb10
Frame ID: 34C542C288CE2A6B8D981F9520F96508
Requests: 8 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522c258bbdd-272f-4551-b560-ae15395fcb10%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522ef92dcff-d21e-41da-b1cb-139f39f972fc%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522ef92dcff-d21e-41da-b1cb-139f39f972fc%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: 77D5F1889D51DE5EAD4004B54794EDD7
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522c258bbdd-272f-4551-b560-ae15395fcb10%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522ef92dcff-d21e-41da-b1cb-139f39f972fc%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522ef92dcff-d21e-41da-b1cb-139f39f972fc%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: 495BA6CF35DBFA20FE5C881030FF75E2
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=3&session_id=c3d58b95-d5ec-43e4-9247-1f14712497c1&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 272BD13E6D806E663E11BC241EB3F854
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=c258bbdd-272f-4551-b560-ae15395fcb10&session_pageview=3&session_id=c3d58b95-d5ec-43e4-9247-1f14712497c1&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: BA0D3B6138A25719141650CA3B05AA17
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: D5E306E2576507EB2024A392BE2118BA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: 8DB8D4FD81BF929A0E2DC17365375A46
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: 919B92E7461AA0B0EAD6AF4D607F801B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: 33E2275418983373DB99F87B451D384C
Requests: 3 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 9FC9EBC2ED391A814B99D0C38D25D067
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 666B849A88B3A9B93EE96459E72E61EB
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: F6B3708353B595827D05025656E28B4C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1662872607&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1662872607322&bpp=4&bdt=658&idt=447&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1922290337&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44760912%2C31069448&oid=2&pvsid=3400003674732753&tmod=325605661&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.k3tvbm3lw67v&fsb=1&dtd=462
Frame ID: 5951D3B75F78DA29EC32E96D16E63D06
Requests: 11 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Frame ID: 4E60CEBEC279CE1F0B981380BAF5A1BA
Requests: 4 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 229BB42E40733D4665C8E7C302173F4F
Requests: 2 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=13ed070d5111ba56&uid=f480e52263601e65ea80c40c597af449
Frame ID: 80EAF3E879332793749209BDF73F74A3
Requests: 2 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AFw5CxjiqiN3b7ID
Frame ID: 0D249086A2FB525F406A894759630286
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1662872607&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607550&bpp=3&bdt=579&idt=290&shv=r20220907&mjsv=m202209070101&ptt=9&saldr=aa&cookie=ID%3D751e6751d6873f80-22b6aa111cce0065%3AT%3D1662872607%3ART%3D1662872607%3AS%3DALNI_MaOImMqUWnZ-jCm41xmAMghjPL3Vg&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1498404390&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=919&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069447%2C44770880%2C44771548%2C44773261&oid=2&pvsid=574968481285100&tmod=2012896911&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.k8h437cfmvxd&fsb=1&dtd=302
Frame ID: 3EBDC62E2A48F3C3635EA5F7AF3C16D8
Requests: 15 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Frame ID: 2700BF72F679462FEBAE05C6A08DB244
Requests: 4 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: D8ED31DA5A44164AFCEBE49786E7FBB7
Requests: 2 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=13ed070d5111ba56&uid=f66c2b0869940a26a878505394b8e720
Frame ID: 8CF08D0C0D48F28F9EB7BC3BA984FE6F
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AFw5CxjiqiN3b7ID
Frame ID: 88733C1E48AEA632A16B3354780A9D91
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 38146C9E537C1C869C1A96E6BAAC632F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C94589D378F3C9C4F9E0FDA11F91DC89
Requests: 2 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=7212381495254490937
Frame ID: 0856D656A9AFF634450E55B7CD1E8C47
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=7212381495254490937
Frame ID: 3CDBFB9FF5465640A44BF75681748F99
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B6188289F69259EB90F5BDDD60567C0C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5359741FCA8DF510A3846928B86BCE68
Requests: 2 HTTP requests in this frame

Frame: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F7093d442-3247-44b8-9b22-5a8ab7bb9451%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA3LCJzaG93X2lkIjoiNzA5M2Q0NDItMzI0Ny00NGI4LTliMjItNWE4YWI3YmI5NDUxIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Dc8478c0ab75e1f7741a3099710db4a12&showId=7093d442-3247-44b8-9b22-5a8ab7bb9451&apuid=c258bbdd-272f-4551-b560-ae15395fcb10
Frame ID: 42EC343B82E541C9F10AA6B98664BB5F
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 87BAD88604ECD480D854EC21C162EF01
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 27124488EEB983FE997964F89986A103
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 398CA1049700A1FF02DE3566863A66E9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EA2C48E3DDD663071301E7546345F00E
Requests: 9 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522c258bbdd-272f-4551-b560-ae15395fcb10%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25227093d442-3247-44b8-9b22-5a8ab7bb9451%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25227093d442-3247-44b8-9b22-5a8ab7bb9451%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: 804B3C251F01DC487921017FF332CB6C
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522c258bbdd-272f-4551-b560-ae15395fcb10%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25227093d442-3247-44b8-9b22-5a8ab7bb9451%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25227093d442-3247-44b8-9b22-5a8ab7bb9451%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: C19B5ECC48ED8182391CF1532262627A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0BB9E9CB0F9DDC39933EC82E536BF0A5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1BB131B9758FD91613D795CDB955A5C5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820291&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607985&bpp=13&bdt=189&idt=349&shv=r20220907&mjsv=m202209070101&ptt=5&saldr=sa&correlator=4489981154306&frm=8&ife=1&pv=2&ga_vid=2065867608.1662872608&ga_sid=1662872608&ga_hid=439247939&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2937035847&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069447%2C31067826&oid=2&pvsid=772274268420186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.m0alyncmwn2u&fsb=1&dtd=363
Frame ID: 5230124E458AF21C4F85DC83B34C2838
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIqco5cCELCmr98CGPWZ0dIBMAE&v=APEucNXmkd1jV-tHgBReEExpMH4_Z-k5emUUZm12NB2WdRWvntZRnwkyjWFHICQPyt2tIyHLDAufSDqsDhEK72-Zvm172czYP3GfhSnfYHumUDHYIUDz-3bRM9KOAK0bgrAyD1J89yIWRGijWBzMiESzoQgwuTRmzReRYKEJC0jdKSnI6c2K8TQ
Frame ID: 905E94A41A1EDCF0434EA69B0504E6A4
Requests: 5 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=6D001662872608329D5A2E3765F634E2
Frame ID: 7C177524CD8E47908D584C9E08E7D4FE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
Frame ID: 14E4F486C4E20E9262D32689B8334E99
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
Frame ID: 9BB809B9CEC0DBB785E449421D006377
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
Frame ID: 7D92E8F92FE3ABB7125703AC7EB78BF2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
Frame ID: BECECA137192BA1E458E3C25DF7A4A85
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGI-UoMwBMAE&v=APEucNXsaNeWJ7_LVWtqXCHaYhF31zaP-HN6Ih0E0359GBrsQBy5wj6kpWyzhvlza0RqnBFnDkCoOr_LmU51pG4SkKW3tOfgeQ
Frame ID: 9750EC3207604D5A981C1C727D7DC60B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dz6uvPzieEznXMCdPBN6BfF_MXrSxWjAmkA_xR6iKR611lvyRw5P9WVAYGtQ43c5ncdKldTImJHBRfp4MOD8IQaqLnQg&cry=1&dbm_d=AKAmf-C96mhgnmjXMlleUWxutu6grVDouWhQIGHbwWL7cHYwhnHQXs5RcVM1qVFEr2wCmR-2280L2K5B7HAz-dcrl7_R86PB1V3HW0_HaKd2U22c1MvU0Yc5txaJFwuq1Erof_NNeyskxWSXf-n22o_UcpyIt5oVarIQe5yv-dpi8Wo0BTClquS63wUiamB7qFbm4leNDcTZP4ghzXICKMgQMqS_IypwK9g1la3URKAaJNCDZWz68-VMwpzHKffhoTW5j9lzyuICzrrkICOOx9FNlpOZp2NfgI0N8zDkXrbEU0Qpd1-hd1RaP5UaFkaNn50y3D7YPwgBRvfaakKPa01z92MfvYIdnLDwq3vQxD2LDYoD4COF5_owZKfqu7slvUhMau_LGRNTO0eu5j1rVNtmAuuaqgcWHS9s-SmN9hJJzLdUew-wHG5t4aRZbxdTvXP-sJMBHCU6n0UGTlrMk_MXMGutOnMuHborYPDsjZOPtf4lLeMM5zB8XBSa1pPZ9e9NAVu0XpYNfS9VaYMQHymsNbIaNYUcjcbqyrtOu7y1tQX8wxdPsjaHopvi8bJwR9pJFUaymoAj6p5PJCX-AWwkD-CEIvWeePf7heU_bjgK5OxM2JD7oqU30KUMxa1OFO7QO4xaEQ-iwmqJXrvAFb5IrPPke_1om2-5CIv5u_oS2eGFrFjZhzrOwJE_gApurEilN8Aq82_1O5wrlhejSKQoJEF0qPy0gPBqEEYsSmD3LG2d5mYGbT9fstvf2BPc_kT85riXZCaNWIXuX-GNmN8Ts33_zErLzfmX2z_gpoL2FgiJeQFE-HAIdtKebRWi9dY5qNu7Mz2ddJQStMJNA5OTQ_64x5JjsYgRSMtpz9MkRX9T1Y9RDBiuPtQUakeYf7wFu7UQAveqCQMv2mnKT85Ni10fgkU144dc1Vn9IY_OxEiOWAADpUKOZYDWwAN0Py8h8I6q5G9Q4vwID13F_0DYlt-kI3CSyEXZS0F8nSTQz8Jf2g9lbHgD_GTAULRp9DK2fhbb9qk4Gjm1GsIq-eV4I0BZzZB-sRUD2fjAyPeSAdmWUpFEqebObBYC57-duw1emJ1dByvaeYqZMXQ_jI9qULFaei53C9eHTKMXnwERKbTRMXGCuypecKGF3wAiXOAnqNgoPzwtIU1BLiZc8E67Guaj59xu6SxH8tvlV3XB4M5UpgpZP9F6Ipv6ZO5MywhLXAK591y8QQx9PZCsR67qBYoYnQhWHJMbQPjUXGI6n_g_GgVFq-pJLhS1qI7V0SOEWrIuCO9LTMIyb-qoA-kWTNVmfhQsF5FKNuGDSKzTGf6UhPgjebLS03azmUbea1Ce17jQqdKx51GUoN9LlBGaHuByosh6_GrfYpBTHWUe2QmZM38Or2IpHgoUhn7L0NiNwMcM6B_QaEnEYb5kgoOR7mgniWkFJCeK3MN8QtBmlKiezDF1YkoxloViMXF7kJlnhfOp9-77SxufGes6CofNQn6gA6S0wCQf6sT5KfoFSV8Ul5jsmrdYrGN7U0XuQZ-k1iMIS9qPBd36hwRN57nqOVXSHOOIlX6308djFXTlj0MSqcetr_d2PkiLNzu2VfMOIxIw_Fgs9eoO1836TJAElY84RSJumndcRft_hWZbI0tMaXx59KI3oTG3rONnkYEcrVNrjyRhXkZLMUwV4c38TkKOE_5_ah6pO1ji90T3n6LKFgKMLO0BcCY5sQodPh-TSIr7-zWJrBdKm6h_ikTzwaDhZ6sVp0jPPCUnlcd5-VviLG2hPsmP9ZsUqfGGpI_Ma6CNyCKCYmwbiyllp9Yk1GOiMnL_-piZlYL-rCd44pmPz15Hk4GFO6HMiOBlsP8-uUHWSSOE_f0PCt_s0B8MPRBIiVeD9CLIfpeR4-tM8kRFhOJheQH7l6iMb-vDma7POyNnuKP_t_qZkWSotPSzAPcr3OUS24fj0OqQoh2Z4PXuAeMf7gGSATKEXChGosagFyNgQcSNXr2hFY1CZ9EJeJyx884Vxfh_xHGtw7t8WIIg3A-dU0SvqE2BGBp6DOPuMfGAdyTRVftY4ItuHhfvWZg_hlFIZOdPLhYV8hJRfRFzxlQ63g8UtXo2mim-4p-GMYArDhvyxnV2ZXVIUHTULXvow3C6Mfokrg49v34ZorHo7quIh6S_xjXr_2DzvQqeXehQF3zhMLVfNAY2HZmB0U6g2--zLuTSfGldpPIn0NOk7CeE29XdphH6Y0UR-YJRAJUGwPqR1DYsV4sLefLrr2zFFV0kMpgSvppjRNOttJMaw_k5LZvNvkzyRcqVY34KYcYTNuBAH44aQypz5FbEH85QA37Hv0zw0pVvw2YVrNxTDjlPakJJV1DfPIQnHglhHJg9qs4clOYM2GW5BnRO0LrTGgrs-OnksX1sKTgYXZPOP6vUHTyCK_C5X1-PGdPiy1iYi1_IyTNHWDfVueU9p8c-_8BpQcRKcu_8D4Mgst54b5c-IbKgpxWujW9OakEi3SUR0VqYTlf6l9my2oXyoQPS9Nq6mfk009UE10fWUFBaD7SXXgsoJE4JBbYieRuYTrArDF52HxmeKL0lKkxLsEHOAT2NnevDAnGM_8MgkjmjJ2j7dAeyMP3GV199LvfoTiJaW0HUW0JJyuQdNfo4dk5kpg-z5YSEzJ7YzRL_keziXvpRwkr9LaDvp2Y26Zwujvj5ohQkJt3v5h69fLcAnzaEGrVda3LE86rEPKsJG5vrzImqVvwTu5nVuKnTQqBK3rquL21iLrDWv4Izo12XGhfTcelRFFM25AD-_-iRmVOMylSCPIOLwpjNMY4uEswUrERjmzhBIUVFdI5jcJL7RT19_v5yADY4fzUGA6DFRSSR0233dJu5SRdXu6mOyJAc1yuQdLEixP2nSmK0pLaBMe9NtdoaSw7KXkElw3eqbfVojvso5cBrPL_uAd5sni2hQiWC0HNiidKTxZO0kXN1sTl6D_r0zZJg3JOBzwgNwcFdNlvwemtYZcyU1d27AJAvOLXtrRl0TFjOP_0w5MwzQX5PeBQnkEefV-9v9VZEC7hpfmiuBJeEVZsYP8I0DLHsqE524Wg2&cid=CAASEuRoiGcRsHyxqIqizy4eWwa_5iAN&rfl=4%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2C%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Frame ID: 4E4E1ED345565A5C66B56CD7875579BD
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 414B9C3A8D1EAE684604B54E8808D2A2
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155823868&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872608591&bpp=12&bdt=234&idt=372&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=8319949371909&frm=8&ife=1&pv=2&ga_vid=1033675270.1662872609&ga_sid=1662872609&ga_hid=1022233842&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=683743404&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=1548045983190275&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.k1jx1vqmbihy&fsb=1&dtd=377
Frame ID: F4C8207FD2CC996841B0CD198354FF17
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3203255CFAFFF6B3607373C9BDCCECA4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3DA87E7587C34A702D35EE64773E1674
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/877988745270009123/index.html
Frame ID: 11465E80DDC4162F1AC4486BE06BFADD
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6270CBE7EFA4A6C96F73B8F883298985
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 08F804A06B11BC2385344D79B254E86A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 52862A2956BA4BC6208197388926EE65
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A8F12B2515E6E81AB0C66BA39AFE930A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 782479B5DA681F741375D373BA7DBD7C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E4C7D6621FE29B1DB0315158136CBDC8
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=zdorovia.com.ua
Frame ID: C416A07EDD835DF47B760073633C3446
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Новини здоров'я, лікування та здорового харчування та очищення

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

572
Requests

75 %
HTTPS

28 %
IPv6

84
Domains

121
Subdomains

86
IPs

17
Countries

4827 kB
Transfer

10154 kB
Size

113
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57
  • http://a4p.adpartner.pro/branding?id=1550&0.12084209842762506 HTTP 301
  • https://a4p.adpartner.pro/branding?id=1550&0.12084209842762506
Request Chain 58
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 59
  • http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.7629600815152338 HTTP 302
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.7629600815152338 HTTP 302
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.7629600815152338
Request Chain 66
  • http://c.bigmir.net/?v16918126&s16916513&t1&c1&n107908&w0&y0&d24&r1600 HTTP 302
  • http://i.bigmir.net/cnt/01.png
Request Chain 70
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=916567850&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%27%D1%8F%2C%20%D0%BB%D1%96%D0%BA%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%85%D0%B0%D1%80%D1%87%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%BE%D1%87%D0%B8%D1%89%D0%B5%D0%BD%D0%BD%D1%8F&utmhid=1382693042&utmr=-&utmp=%2F&utmht=1662872605931&utmac=UA-37123827-1&utmcc=__utma%3D148597372.1696631988.1662872606.1662872606.1662872606.1%3B%2B__utmz%3D148597372.1662872606.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1912021392&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=916567850&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%27%D1%8F%2C%20%D0%BB%D1%96%D0%BA%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%85%D0%B0%D1%80%D1%87%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%BE%D1%87%D0%B8%D1%89%D0%B5%D0%BD%D0%BD%D1%8F&utmhid=1382693042&utmr=-&utmp=%2F&utmht=1662872605931&utmac=UA-37123827-1&utmcc=__utma%3D148597372.1696631988.1662872606.1662872606.1662872606.1%3B%2B__utmz%3D148597372.1662872606.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1912021392&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37123827-1&cid=1696631988.1662872606&jid=1912021392&_v=5.7.2&z=916567850 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1696631988.1662872606&jid=1912021392&_v=5.7.2&z=916567850 HTTP 302
  • https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1696631988.1662872606&jid=1912021392&_v=5.7.2&z=916567850&slf_rd=1&random=1507647729
Request Chain 90
  • https://ib.adnxs.com/setuid?entity=533&code=2650b874216d40149f135c67cf7859db HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D2650b874216d40149f135c67cf7859db
Request Chain 91
  • https://creativecdn.com/cm-notify?pi=admixer HTTP 302
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
Request Chain 92
  • https://adx.adform.net/adx/?rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_727725&url=http%3A%2F%2Fzdorovia.com.ua%2F HTTP 302
  • https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_727725&url=http%3A%2F%2Fzdorovia.com.ua%2F
Request Chain 94
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Request Chain 97
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=2650b874216d40149f135c67cf7859db HTTP 302
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z85C2EC333B2445984B797926C71413B&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=2650b874216d40149f135c67cf7859db
Request Chain 98
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=d049377d-1527-52fe-83d4-1983e0c9759d
Request Chain 103
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=2650b874216d40149f135c67cf7859db&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=2650b874216d40149f135c67cf7859db&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=admixer HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7212381495254490937&ssp=admixer HTTP 302
  • https://inv-nets.admixer.net/bs/cm.aspx?id=7ed7d17e-2340-4908-b295-fd8e75af5fc8&gdpr=&consent=&gdpr_pd=
Request Chain 108
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=2650b874216d40149f135c67cf7859db HTTP 307
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=2650b874216d40149f135c67cf7859db
Request Chain 109
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=c258bbdd-272f-4551-b560-ae15395fcb10
Request Chain 111
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D HTTP 302
  • https://r.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
Request Chain 112
  • https://ups.analytics.yahoo.com/ups/58613/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-_B4mMp1E2uGpB9xTbnxBX0Y8KDzpwD5FHful2VY-~A
Request Chain 115
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3D2650b874216d40149f135c67cf7859db HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=1221b59f-318f-11ed-9c9a-801844df0ab8 HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=lemma&bsw_custom_parameter=7ed7d17e-2340-4908-b295-fd8e75af5fc8 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=lemma&expires=10&bsw_param=7ed7d17e-2340-4908-b295-fd8e75af5fc8 HTTP 302
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=7ed7d17e-2340-4908-b295-fd8e75af5fc8 HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=1221b59f-318f-11ed-9c9a-801844df0ab8 HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dlemma HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dlemma HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=3bd810cb-550e-404c-a941-155acb5e953f&ssp=lemma HTTP 302
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=7ed7d17e-2340-4908-b295-fd8e75af5fc8 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=2650b874216d40149f135c67cf7859db1221b59f-318f-11ed-9c9a-801844df0ab8
Request Chain 122
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434 HTTP 301
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Request Chain 129
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D1b32227e1595abe2%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=1b32227e1595abe2&uid=7860071964432485354
Request Chain 131
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 136
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=ccf96e1a-2078-49ff-887c-a269928c2859
Request Chain 142
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=6f5e4de7-da3e-49fe-ad64-c324afaf1037
Request Chain 143
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=74d885a6-b5c5-4b16-9f24-19519f99385c
Request Chain 145
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7860071964432485354
Request Chain 146
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=c258bbdd-272f-4551-b560-ae15395fcb10
Request Chain 147
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1662872606849 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6450993601
Request Chain 148
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7860071964432485354
Request Chain 150
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=2650b874216d40149f135c67cf7859db
Request Chain 152
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D1b32227e1595abe2%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=1b32227e1595abe2&uid=7860071964432485354
Request Chain 154
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 160
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 171
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D110feb97-930c-42dc-52b1-8e4b4364ecc0%26reqId%3D75b8692c-4dff-4afd-67b8-533b6ff38d2b%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D110feb97-930c-42dc-52b1-8e4b4364ecc0%26reqId%3D75b8692c-4dff-4afd-67b8-533b6ff38d2b%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=13c99a78-bebe-4449-8f9e-e6514da19c1f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
Request Chain 177
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=045bf2b0-a51f-4133-83b6-7282d9d2a0db&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 178
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=110feb97-930c-42dc-52b1-8e4b4364ecc0&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D110feb97-930c-42dc-52b1-8e4b4364ecc0%26reqId%3D75b8692c-4dff-4afd-67b8-533b6ff38d2b%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=110feb97-930c-42dc-52b1-8e4b4364ecc0&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D110feb97-930c-42dc-52b1-8e4b4364ecc0%26reqId%3D75b8692c-4dff-4afd-67b8-533b6ff38d2b%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=85344708055734849892380772553784847816&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
Request Chain 180
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D110feb97-930c-42dc-52b1-8e4b4364ecc0%26reqId%3D75b8692c-4dff-4afd-67b8-533b6ff38d2b%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7141983464483322009&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
Request Chain 182
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=110feb97-930c-42dc-52b1-8e4b4364ecc0&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D110feb97-930c-42dc-52b1-8e4b4364ecc0%26reqId%3D75b8692c-4dff-4afd-67b8-533b6ff38d2b%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=110feb97-930c-42dc-52b1-8e4b4364ecc0&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D110feb97-930c-42dc-52b1-8e4b4364ecc0%26reqId%3D75b8692c-4dff-4afd-67b8-533b6ff38d2b%26zdid%3D1361&bounce=1&random=2505632 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=D6ZwgLnuHxHtsnZs.BMFee&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
Request Chain 183
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D110feb97-930c-42dc-52b1-8e4b4364ecc0%26reqId%3D75b8692c-4dff-4afd-67b8-533b6ff38d2b%26zdid%3D1361 HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361&cklb=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=
Request Chain 184
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=110feb97-930c-42dc-52b1-8e4b4364ecc0?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=110feb97-930c-42dc-52b1-8e4b4364ecc0?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
Request Chain 185
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-7JRoE0BE2oqGThGRAxOTdUM_aDhOPcbrwQ--~A&zpartnerid=570&env=mWeb
Request Chain 186
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=mi8GSBHP8j2elPx2t68qcdZ0ZtEWYiZm%2BS41iYitP1U%3D
Request Chain 190
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D110feb97-930c-42dc-52b1-8e4b4364ecc0%26reqId%3D75b8692c-4dff-4afd-67b8-533b6ff38d2b%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D110feb97-930c-42dc-52b1-8e4b4364ecc0%26reqId%3D75b8692c-4dff-4afd-67b8-533b6ff38d2b%26zdid%3D1361&_test=Yx1sHwAM9CaMEQAK
Request Chain 192
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=PEm0oQur&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9
Request Chain 193
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=110feb97-930c-42dc-52b1-8e4b4364ecc0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=110feb97-930c-42dc-52b1-8e4b4364ecc0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361&dcc=t
Request Chain 195
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D110feb97-930c-42dc-52b1-8e4b4364ecc0%26reqId%3D75b8692c-4dff-4afd-67b8-533b6ff38d2b%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
Request Chain 199
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De0ed9c6d-bac9-4253-5da8-7b99f5ee6be9%26reqId%3D8614291d-12da-4f97-581f-926cc230b1db%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De0ed9c6d-bac9-4253-5da8-7b99f5ee6be9%26reqId%3D8614291d-12da-4f97-581f-926cc230b1db%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=13c99a78-bebe-4449-8f9e-e6514da19c1f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
Request Chain 205
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=045bf2b0-a51f-4133-83b6-7282d9d2a0db&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 206
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De0ed9c6d-bac9-4253-5da8-7b99f5ee6be9%26reqId%3D8614291d-12da-4f97-581f-926cc230b1db%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De0ed9c6d-bac9-4253-5da8-7b99f5ee6be9%26reqId%3D8614291d-12da-4f97-581f-926cc230b1db%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=85344708055734849892380772553784847816&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
Request Chain 208
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De0ed9c6d-bac9-4253-5da8-7b99f5ee6be9%26reqId%3D8614291d-12da-4f97-581f-926cc230b1db%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7141983464482732182&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
Request Chain 210
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De0ed9c6d-bac9-4253-5da8-7b99f5ee6be9%26reqId%3D8614291d-12da-4f97-581f-926cc230b1db%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De0ed9c6d-bac9-4253-5da8-7b99f5ee6be9%26reqId%3D8614291d-12da-4f97-581f-926cc230b1db%26zdid%3D1361&bounce=1&random=3065476435 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=D6ZwgLnuHxHtsnZs.BMFee&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
Request Chain 211
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De0ed9c6d-bac9-4253-5da8-7b99f5ee6be9%26reqId%3D8614291d-12da-4f97-581f-926cc230b1db%26zdid%3D1361 HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361&cklb=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=
Request Chain 212
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
Request Chain 213
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-ILgq8IxE2oqd9wi4ikoMiF7fNocW_RxE7A--~A&zpartnerid=570&env=mWeb
Request Chain 214
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=MjjoqVWHhTielPx2t68qcfIR3dm8nO4l%2BS41iYitP1U%3D
Request Chain 218
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De0ed9c6d-bac9-4253-5da8-7b99f5ee6be9%26reqId%3D8614291d-12da-4f97-581f-926cc230b1db%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De0ed9c6d-bac9-4253-5da8-7b99f5ee6be9%26reqId%3D8614291d-12da-4f97-581f-926cc230b1db%26zdid%3D1361&_test=Yx1sHwAM9WWMEwAK HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Yx1sHwAM9WWMEwAK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361&_test=Yx1sHwAM9WWMEwAK
Request Chain 220
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=PEm0oQur&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9
Request Chain 221
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361&dcc=t
Request Chain 223
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De0ed9c6d-bac9-4253-5da8-7b99f5ee6be9%26reqId%3D8614291d-12da-4f97-581f-926cc230b1db%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
Request Chain 259
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434 HTTP 301
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Request Chain 289
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D13ed070d5111ba56%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=13ed070d5111ba56&uid=7860071964432485354
Request Chain 296
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6337032657
Request Chain 300
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=2650b874216d40149f135c67cf7859db
Request Chain 302
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 308
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D13ed070d5111ba56%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=13ed070d5111ba56&uid=7860071964432485354
Request Chain 325
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 328
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 332
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De0ed9c6d-bac9-4253-5da8-7b99f5ee6be9%26reqId%3Dc3f072f0-19fc-476b-7382-93d60731933e%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=c3f072f0-19fc-476b-7382-93d60731933e&zdid=1361
Request Chain 371
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De0ed9c6d-bac9-4253-5da8-7b99f5ee6be9%26reqId%3Dcee5bd10-82e2-433c-7b40-4b96c6146ccf%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=cee5bd10-82e2-433c-7b40-4b96c6146ccf&zdid=1361
Request Chain 398
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=7212381495254490937
Request Chain 399
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=62bb3e95d00ea4b3
Request Chain 400
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=7212381495254490937
Request Chain 401
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=62bb3e95d00ea4b3
Request Chain 414
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7212381495254490937 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEK6dH_bKjrZMyjQZF1W0U_o&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 416
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=42eDBeW2uUqTHSxgiL7WaYrMg&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=42eDBeW2uUqTHSxgiL7WaYrMg&gdpr=0&gdpr_consent=&google_gid=CAESEHnAQGQ6qZ5xwmv0kRoBqkc&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 419
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 421
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 437
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7212381495254490937 HTTP 302
  • https://a.audrte.com/p
Request Chain 439
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=42eDBeW2uUqTHSxgiL7WaYrMg&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=42eDBeW2uUqTHSxgiL7WaYrMg&gdpr=0&gdpr_consent=&google_gid=CAESEK6dH_bKjrZMyjQZF1W0U_o&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 457
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4D__-gEG5F0xt2sgqH9T6U_C_rgLUi2b4Jl0kts5K90t9ebWazFq4z2tv8quyt1k2IpcqawN8j8THfdJLWqW1RY5qLqFm9qYw&google_gid=CAESED-F8Bia8vLAaepmeFu0r-Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXgxc0h3QU05V1dNRXdBSw&google_push=AehlK4D__-gEG5F0xt2sgqH9T6U_C_rgLUi2b4Jl0kts5K90t9ebWazFq4z2tv8quyt1k2IpcqawN8j8THfdJLWqW1RY5qLqFm9qYw
Request Chain 458
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4An78-FJev87Xjgg1JSfGz0M6Apj_WiWzm1LCk8P0tzzRc6yUseeA2eACkB8ik6UIIjE2ZV3TAX85ESWrrbpwVotqCtfKbKAQ&google_gid=CAESEM8U-S1chpv_Ts4bVmhJJok&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCKDY9ZgGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BZWhsSzRBbjc4LUZKZXY4N1hqZ2cxSlNmR3owTTZBcGpfV2lXem0xTENrOFAwdHp6UmM2eVVzZWVBMmVBQ2tCOGlrNlVJSWpFMlpWM1RBWDg1RVNXcnJicHdWb3RxQ3RmS2JLQVE HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTElLZm1KbWw1U0hORkU0MmJkZ1RsMDB4MEpCUGduUTNsRlBSRUVCeFJ5TQ==&google_push
Request Chain 461
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFTK6IZaXazkMykoyzlzaEY&google_cver=1&google_push=AehlK4BaYB-HIGCDo3cCMcFm4grWqq7aFH-gTN58KaeEGIgEnwmyeMnatEkedvz_RxeHW_LCW_XVgYWAHHKBoVa1vS1g5jLzMcCI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdXVkYwSDEtRy00NTIx&google_push=AehlK4BaYB-HIGCDo3cCMcFm4grWqq7aFH-gTN58KaeEGIgEnwmyeMnatEkedvz_RxeHW_LCW_XVgYWAHHKBoVa1vS1g5jLzMcCI
Request Chain 469
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 472
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfIa_2Yav7u1Dz9l8hjw0&google_cver=1
Request Chain 473
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yx1sHx0B6JWRY.o2BtkD7gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfIa_2Yav7u1Dz9l8hjw0&google_cver=1&google_hm=2
Request Chain 474
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJbT5UHZTte2oRTgcui8wN4&google_cver=1
Request Chain 475
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg2MDA3MTk2NDQzMjQ4NTM1NA%3D%3D
Request Chain 480
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=42eDBeW2uUqTHSxgiL7WaYrMg&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=42eDBeW2uUqTHSxgiL7WaYrMg&gdpr=0&gdpr_consent=&google_gid=CAESEK6dH_bKjrZMyjQZF1W0U_o&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 481
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7212381495254490937 HTTP 302
  • https://a.audrte.com/p
Request Chain 510
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7212381495254490937 HTTP 302
  • https://a.audrte.com/p
Request Chain 511
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=42eDBeW2uUqTHSxgiL7WaYrMg&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=42eDBeW2uUqTHSxgiL7WaYrMg&gdpr=0&gdpr_consent=&google_gid=CAESEK6dH_bKjrZMyjQZF1W0U_o&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 516
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4A_HFwVTfO2hjat2p4Rx59ky1aH9uzJytZxsYT8_tvQHldzO1QSoRHGykSQ_19By6wG9DJbWyU9c6E-Uc6ZIXbSHtaglcM&google_gid=CAESEKzX6c1ns8n4qUBJGAG5AFM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXgxc0h3QU05V1dNRXdBSw&google_push=AehlK4A_HFwVTfO2hjat2p4Rx59ky1aH9uzJytZxsYT8_tvQHldzO1QSoRHGykSQ_19By6wG9DJbWyU9c6E-Uc6ZIXbSHtaglcM
Request Chain 517
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4DiegmEb7VQyxlDAhXtjsPRblj0yW2w_yHONeyOKJP2imGlcJUDzgMA5PS08fIw-FD2aWjHmP0EipgsZFQHUZy2KDvbAw&google_gid=CAESECZOlsq3ZD1d22h3-ianOyA&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4DiegmEb7VQyxlDAhXtjsPRblj0yW2w_yHONeyOKJP2imGlcJUDzgMA5PS08fIw-FD2aWjHmP0EipgsZFQHUZy2KDvbAw&google_gid=CAESECZOlsq3ZD1d22h3-ianOyA&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MTEwNTAzMjkwMDA3OTI5NzExOTUxNw%3D%3D&google_push=AehlK4DiegmEb7VQyxlDAhXtjsPRblj0yW2w_yHONeyOKJP2imGlcJUDzgMA5PS08fIw-FD2aWjHmP0EipgsZFQHUZy2KDvbAw
Request Chain 520
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELX2y5Wyw3eUO2FKVsg3tIA&google_cver=1&google_push=AehlK4CCyFrjZ4mJut0bsGqpvgrq7w1aVsjrEhgt5S7MMXQ9QSj5zdu3You_3aUk5JKNyd-LliSH4UT-JAPBJHrMPdBpRsuRvLc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdXVkYwWUctQS1HUklS&google_push=AehlK4CCyFrjZ4mJut0bsGqpvgrq7w1aVsjrEhgt5S7MMXQ9QSj5zdu3You_3aUk5JKNyd-LliSH4UT-JAPBJHrMPdBpRsuRvLc
Request Chain 521
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEClo5zTZ5-gONfLJnewtfo8&google_cver=1&google_push=AehlK4Ck1jNhwuQ8vppvx9Ys6OpPkkcNXl7rrtOUelgjywtxlR_9NBnutHleoRi7usClXNpQ5rfGrPeh0tQYtb5SLIPg3J_IArE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEClo5zTZ5-gONfLJnewtfo8&google_hm=Yx1sHx0B6JWRY-o2BtkD7gAABzcAAAAB&google_nid=index&google_push=AehlK4Ck1jNhwuQ8vppvx9Ys6OpPkkcNXl7rrtOUelgjywtxlR_9NBnutHleoRi7usClXNpQ5rfGrPeh0tQYtb5SLIPg3J_IArE
Request Chain 568
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=zdorovia.com.ua&sn=ChromeSyncframe&so=0&topUrl=zdorovia.com.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=q2sIhXxMT0VoTEJDNkVwY2ZwdmM2YTRmZ0FrMi9Scmxjd3M0MCs5RWFHS3RJdHVGbDN1QzA2eTgybktmN0U1V1dudmxCcTZndGZxSjNndjdhUjY3My9BV1VLL0k5dkFCVC90YW5kVVBEY1JnaVduazk5enRjZElGdXRuei9EWEQ1Mnkva2p5ZnlOVE5XRCs1NkthL2FTSkVadGZwc0tieFVoVDRKd25kU24rVGJlZmcrcHJEbWh3NTBUNEgxRXBZWkpES2xYSldsd2NnUVljd3J4aHQ5UWdGeXUyZFJBcUxYMWZ6TSt3TVQzMXgrNUw5Z3dLUDc0NmpEaUI3Q3RmWWJoYW5uMm9ZcTBkNmF1aFRZNldQWmdvV3Vudz09fA&cppv=2

572 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
zdorovia.com.ua/ 		89 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 / PHP/5.4.45-0+deb7u14
Resource Hash
5d9fa58c3fcb0fdf23e693c4ef905cc95467c66d24cca9d119a33c39281eb675

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=Windows-1251
Date
Sun, 11 Sep 2022 05:03:25 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.12.1
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.45-0+deb7u14
cache-control
private
video-js.min.css
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ 		38 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/video-js.min.css
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
0e1f8ae81889e837e923d788176d1ffb9a5b8b766a45e699326a8d5b6e9a5686

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-9996"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39318
Expires
Tue, 11 Oct 2022 05:03:25 GMT
videojs-ie8.min.js
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ie8/ 		27 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ie8/videojs-ie8.min.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
2364e3bf74552def676f1c5086eca57ad57ea116854a53d324d59ae503c4c05b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-6a8f"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27279
Expires
Tue, 11 Oct 2022 05:03:25 GMT
video.min.js
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ 		267 KB
267 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/video.min.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
518044b9079d6b70b8997035cc0d9b69d8e578f1b2ec43c8cc06e819f58857a1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-42b5b"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
273243
Expires
Tue, 11 Oct 2022 05:03:25 GMT
youtube.min.js
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/ 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/youtube.min.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
a5a4d7ec31e1eafeba8c3ab6589cf8b8b2b624b4c1afb7a62428aff04ada249e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-30ec"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12524
Expires
Tue, 11 Oct 2022 05:03:25 GMT
core-mama.css
zdorovia.com.ua/templates/default3/css/ 		64 KB
64 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
4ad0a1d9bb20358be18ad374a563021cb030d5d7ef1d1fb52c05a187340bce6d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-10047"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65607
Expires
Tue, 11 Oct 2022 05:03:25 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.5.2/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js?ver=3.3.2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 12:53:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
231025
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
30082
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Fri, 08 Sep 2023 12:53:00 GMT
jcarousellite_1.0.1_mod.js
zdorovia.com.ua/templates/default3/css/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/templates/default3/css/jcarousellite_1.0.1_mod.js?ver=3.3.2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
548e4669812ab53bae5e50eee71c0d6d951b6dd8e5176cb8c08c36ce3dbf37d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-10d9"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4313
Expires
Tue, 11 Oct 2022 05:03:25 GMT
scripts.js
zdorovia.com.ua/templates/default3/css/ 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/templates/default3/css/scripts.js?ver=3.3.2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
d57b72eab46863e9c71c04589510c2e4b8e68d928f054421bddc11b8a0102a02

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-4055"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16469
Expires
Tue, 11 Oct 2022 05:03:25 GMT
media.js
zdorovia.com.ua/templates/default3/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/templates/default3/js/media.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
functions.js
zdorovia.com.ua/engine/includes/js/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/includes/js/functions.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b45c62c7ea907efdd19b2ba950d0a8f261a514e34195a1e3b547ba8876b83862

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-32f0"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13040
Expires
Tue, 11 Oct 2022 05:03:25 GMT
ajax.js
zdorovia.com.ua/engine/includes/js/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/includes/js/ajax.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
99507b31a0efe2b33d28b8eefe8aab9c7a38fb3a22ac8bd5a6732b515ed72c37

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-1d7d"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7549
Expires
Tue, 11 Oct 2022 05:03:25 GMT
loader2.js
scripts.go2net.com.ua/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
62dd7b0ccfa8bdaf6f9cca4f3138298c44e5bfe4da2af6ca6f400ac4f7ce8b6f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc16
date
Sun, 11 Sep 2022 05:03:25 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:39 GMT
server
nginx
etag
W/"63049f2f-2c101"
x-cached-since
2022-09-07T13:45:10+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Fri, 26 Aug 2022 13:50:42 GMT
loader2.js
cdn.admixer.net/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
62dd7b0ccfa8bdaf6f9cca4f3138298c44e5bfe4da2af6ca6f400ac4f7ce8b6f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Sun, 11 Sep 2022 05:03:25 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:39 GMT
server
nginx
etag
W/"63049f2f-2c101"
x-cached-since
2022-09-11T05:02:35+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Tue, 23 Aug 2022 09:48:16 GMT
loading.gif
zdorovia.com.ua/templates/default3/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/images/loading.gif
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b70c6c2ed793b5c4a9e9a7d543b489f810cfbcfba4fa326fc5730d2291fc5e38

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-6f7"
Content-Type
image/gif
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1783
Expires
Tue, 11 Oct 2022 05:03:25 GMT
aux-head-1565343326-20190809_abletki_t1.jpg
zdorovia.com.ua/uploads/dsn/30/60/026/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/30/60/026/aux-head-1565343326-20190809_abletki_t1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
46ccfecc58742c93070c0a1cba02a1668df9a61c6d80f33f6d29c8d694cbd0bf

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Fri, 09 Sep 2022 09:22:31 GMT
Server
nginx/1.12.1
ETag
"631b05d7-328b"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12939
Expires
Tue, 11 Oct 2022 05:03:25 GMT
zhkvm.jpg
zdorovia.com.ua/uploads/dsn/28/92/002/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/28/92/002/zhkvm.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
1e178b3f69e5657653742ecb5fb9755753307d57f18f7b266db6b0ccdfe5d2b0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Fri, 09 Sep 2022 10:54:19 GMT
Server
nginx/1.12.1
ETag
"631b1b5b-4f74"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20340
Expires
Tue, 11 Oct 2022 05:03:25 GMT
97c0c2a-napoi1.jpg
zdorovia.com.ua/uploads/dsn/6b/b8/001/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/6b/b8/001/97c0c2a-napoi1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
47051ffe4c3e03cfe03e502825187de88bfb6cd710407cd3de40d2466c922351

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Wed, 07 Sep 2022 10:33:00 GMT
Server
nginx/1.12.1
ETag
"6318735c-47f7"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18423
Expires
Tue, 11 Oct 2022 05:03:25 GMT
ai-217504-aux-head-20160809_produkty-t1.jpg
zdorovia.com.ua/uploads/dsn/ad/9e/002/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/ad/9e/002/ai-217504-aux-head-20160809_produkty-t1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
ab420a1b05301d25dd20fcd88331d007bf6208241e9ea887b5e6fe3ff89f730b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Mon, 05 Sep 2022 18:27:47 GMT
Server
nginx/1.12.1
ETag
"63163fa3-70ca"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28874
Expires
Tue, 11 Oct 2022 05:03:25 GMT
kaum.jpg
zdorovia.com.ua/uploads/dsn/9a/0c/001/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/9a/0c/001/kaum.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
9a25acaf6a77dbbd05be0d8782dfb1828d0cae8ff279763601cb538bd0c85b8d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Tue, 06 Sep 2022 06:33:49 GMT
Server
nginx/1.12.1
ETag
"6316e9cd-52c8"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21192
Expires
Tue, 11 Oct 2022 05:03:25 GMT
aux-head-1638641467-20211204_son_krovat_3601.jpg
zdorovia.com.ua/uploads/dsn/8e/f2/003/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/8e/f2/003/aux-head-1638641467-20211204_son_krovat_3601.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
86c3d46020d463f817ecdab0ea74b6e9174807260b3c39a513afe61189cca631

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Last-Modified
Sun, 04 Sep 2022 17:48:54 GMT
Server
nginx/1.12.1
ETag
"6314e506-213b"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8507
Expires
Tue, 11 Oct 2022 05:03:26 GMT
8a5e91f-vadimvasenin-depositphotos1.jpg
zdorovia.com.ua/uploads/dsn/7c/0d/001/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/7c/0d/001/8a5e91f-vadimvasenin-depositphotos1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
26af67314aa6015ce9c54945b3eeeb81f1d3834f065f2cb99b6c41a11691b6b2

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Last-Modified
Wed, 31 Aug 2022 08:09:03 GMT
Server
nginx/1.12.1
ETag
"630f171f-5527"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21799
Expires
Tue, 11 Oct 2022 05:03:26 GMT
ucsuic.jpg
zdorovia.com.ua/uploads/dsn/63/9d/001/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/63/9d/001/ucsuic.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
d69f9244c8053f228c6e086a4106e1f696bb8ed21fe6e210e76b612cac784733

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Mon, 29 Aug 2022 05:56:43 GMT
Server
nginx/1.12.1
ETag
"630c551b-3fa7"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16295
Expires
Tue, 11 Oct 2022 05:03:25 GMT
ulzhcis.jpg
zdorovia.com.ua/uploads/dsn/ea/cb/001/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/ea/cb/001/ulzhcis.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
d8ed748859a20af156216b18113f0837aa9d0ffeb1652af5925c3815a38e2182

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Fri, 12 Aug 2022 13:25:59 GMT
Server
nginx/1.12.1
ETag
"62f654e7-638d"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25485
Expires
Tue, 11 Oct 2022 05:03:25 GMT
zhuliasi.jpg
zdorovia.com.ua/uploads/dsn/42/c5/001/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/42/c5/001/zhuliasi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f4726e859dd2230293e1d3b48e9432dbb22afd5ee9672b5318258b53803c580f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Mon, 06 Jun 2022 10:12:41 GMT
Server
nginx/1.12.1
ETag
"629dd319-31cd"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12749
Expires
Tue, 11 Oct 2022 05:03:25 GMT
madrid.jpg
zdorovia.com.ua/uploads/dsn/e4/09/003/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/e4/09/003/madrid.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
e760cc70aa82d03ecbb3f7c1a228e2229dbaa94b232c230fcaee2ae2b4aa7e8a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Sun, 27 Feb 2022 11:06:17 GMT
Server
nginx/1.12.1
ETag
"621b5b29-7236"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29238
Expires
Tue, 11 Oct 2022 05:03:25 GMT
ivzhao.jpg
zdorovia.com.ua/uploads/dsn/d0/d9/001/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/d0/d9/001/ivzhao.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
15b25322c978807eb0a01f7831091fd4b9add03a28f48236d309b42050a1aeac

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Sat, 26 Feb 2022 13:02:08 GMT
Server
nginx/1.12.1
ETag
"621a24d0-77ae"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30638
Expires
Tue, 11 Oct 2022 05:03:25 GMT
ziimaa.jpg
zdorovia.com.ua/uploads/dsn/27/b1/001/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/27/b1/001/ziimaa.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
17cbb5ff7abf82890eacd6dd6cdfaf4ea2e7f6dcd3dea4082d8cd3b290e251ee

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Mon, 10 Jan 2022 11:53:19 GMT
Server
nginx/1.12.1
ETag
"61dc1e2f-5fd2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24530
Expires
Tue, 11 Oct 2022 05:03:25 GMT
poomadi.jpg
zdorovia.com.ua/uploads/dsn/98/11/003/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/98/11/003/poomadi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
dccaeb8aa4f4c779e6d9f2b0d51445b928b8f3d5275f673ea8f9559348dbe612

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Sun, 10 Oct 2021 16:18:32 GMT
Server
nginx/1.12.1
ETag
"61631258-3506"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13574
Expires
Tue, 11 Oct 2022 05:03:25 GMT
ukra.jpg
zdorovia.com.ua/uploads/dsn/d3/8d/001/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/d3/8d/001/ukra.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
641f868e8046a0df91150d538385b89a10efcd41c7da0a8ae180d68f725ab8b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Wed, 29 Sep 2021 06:17:59 GMT
Server
nginx/1.12.1
ETag
"61540517-560c"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22028
Expires
Tue, 11 Oct 2022 05:03:25 GMT
kor.jpg
zdorovia.com.ua/uploads/dsn/3b/80/005/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/3b/80/005/kor.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
8a08cb864af8c4a6ef3e24802901f7874e0c114c820c1c18bc09abeab75f6fe6

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Wed, 08 Sep 2021 08:44:53 GMT
Server
nginx/1.12.1
ETag
"61387805-4f89"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20361
Expires
Tue, 11 Oct 2022 05:03:25 GMT
doglyad.jpg
zdorovia.com.ua/uploads/dsn/dd/14/018/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/dd/14/018/doglyad.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b238ff3fb792b2efa823989c3273b89670a87da10632d6be9c81c43206f86fdf

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Fri, 29 Jan 2021 10:09:42 GMT
Server
nginx/1.12.1
ETag
"6013dee6-4655"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18005
Expires
Tue, 11 Oct 2022 05:03:25 GMT
b03af6c2bdab3173da68203c5fe1f71c8cdd899b1.jpg
zdorovia.com.ua/uploads/dsn/41/69/002/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/41/69/002/b03af6c2bdab3173da68203c5fe1f71c8cdd899b1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
0dc2a95d49f4854773ee37f6c1168a9e90d639f81b882b0327f490c291a9cfa3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Last-Modified
Mon, 18 Apr 2022 19:59:33 GMT
Server
nginx/1.12.1
ETag
"625dc325-3b39"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15161
Expires
Tue, 11 Oct 2022 05:03:26 GMT
8a8e43085b0550d25e3865ac22b6dd60fe8e54dd1.jpg
zdorovia.com.ua/uploads/dsn/09/11/001/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/09/11/001/8a8e43085b0550d25e3865ac22b6dd60fe8e54dd1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
2590c37a8df25d2ec796796a32a393e14a7fa4b5d6edd5529f6c05d4ec0b2692

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Last-Modified
Mon, 11 Apr 2022 21:30:23 GMT
Server
nginx/1.12.1
ETag
"62549def-2ea4"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11940
Expires
Tue, 11 Oct 2022 05:03:26 GMT
back-pain-main-640x3601.jpg
zdorovia.com.ua/uploads/dsn/6a/ee/001/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/6a/ee/001/back-pain-main-640x3601.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
fc90b97c332ebea117c9304b72afcb165c336c08e9ab6db4a41bb71b54ba4f55

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Last-Modified
Thu, 04 Aug 2022 08:37:07 GMT
Server
nginx/1.12.1
ETag
"62eb8533-3163"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12643
Expires
Tue, 11 Oct 2022 05:03:26 GMT
c99af04251d77ccba2694c784f28943e111ba0702.jpg
zdorovia.com.ua/uploads/dsn/f2/b9/003/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/f2/b9/003/c99af04251d77ccba2694c784f28943e111ba0702.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
140666625531e941e900caa4637eb21c39c9c812865382ca1ee0ceb764901502

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Last-Modified
Thu, 07 Apr 2022 18:23:42 GMT
Server
nginx/1.12.1
ETag
"624f2c2e-369f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13983
Expires
Tue, 11 Oct 2022 05:03:26 GMT
aux-head-1527057397-20180523_zawtrak_t1.jpg
zdorovia.com.ua/uploads/dsn/7b/db/001/ 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/7b/db/001/aux-head-1527057397-20180523_zawtrak_t1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
5823febbfb1fc1db57624117ab49aadef78f2a3408c7c673b6d6f8d564b130de

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Sun, 21 Aug 2022 20:27:12 GMT
Server
nginx/1.12.1
ETag
"63029520-1cead"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
118445
Expires
Tue, 11 Oct 2022 05:03:25 GMT
ai-152923-aux-head-20150525_beer_3601.jpg
zdorovia.com.ua/uploads/dsn/87/13/001/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/87/13/001/ai-152923-aux-head-20150525_beer_3601.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f92c42bfaeab3de1543e24d3471b53398620ec2ed60bfa43b8d14d269fe9a0d7

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Thu, 11 Aug 2022 20:58:53 GMT
Server
nginx/1.12.1
ETag
"62f56d8d-6143"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24899
Expires
Tue, 11 Oct 2022 05:03:25 GMT
gi-21001-105664-big1.jpeg
zdorovia.com.ua/uploads/dsn/4d/3e/002/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/4d/3e/002/gi-21001-105664-big1.jpeg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
df466fa3dfa5688021d72f1e41a7aa49c12b79943b37dc0846b5bfc2534d6d02

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Mon, 15 Aug 2022 20:12:54 GMT
Server
nginx/1.12.1
ETag
"62faa8c6-7084"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28804
Expires
Tue, 11 Oct 2022 05:03:25 GMT
ai-234435-aux-head-20161215_produkty_t1.jpg
zdorovia.com.ua/uploads/dsn/29/38/002/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/29/38/002/ai-234435-aux-head-20161215_produkty_t1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
d00a7d747022d19e7c8b897b1bef97aaddccbfeb9e475437566dabf7266e2777

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Mon, 29 Aug 2022 21:02:20 GMT
Server
nginx/1.12.1
ETag
"630d295c-66b0"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26288
Expires
Tue, 11 Oct 2022 05:03:25 GMT
390162_3.jpg
zdorovia.com.ua/uploads/dsn/1a/ec/001/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/1a/ec/001/390162_3.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
405a2822f13160db99af498e688b4e7d8058f90306e5129d84c978c0677ff370

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Mon, 29 Aug 2022 09:50:26 GMT
Server
nginx/1.12.1
ETag
"630c8be2-6728"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26408
Expires
Tue, 11 Oct 2022 05:03:25 GMT
vaiavipi.jpg
zdorovia.com.ua/uploads/dsn/12/b6/001/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/12/b6/001/vaiavipi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
48f0be6fc284e26763ddfbc1389c6f0893a1e1ada34ec1c9862900216a875b25

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Last-Modified
Sat, 10 Sep 2022 13:55:54 GMT
Server
nginx/1.12.1
ETag
"631c976a-7d07"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32007
Expires
Tue, 11 Oct 2022 05:03:26 GMT
aux-head-1615201213-20210308_zdorovie_serdca_3601.jpg
zdorovia.com.ua/uploads/dsn/ae/56/054/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/ae/56/054/aux-head-1615201213-20210308_zdorovie_serdca_3601.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
5217a346bfde995972ffbca690e2517db4093be0ac357e5fb7fe7f10a6e6afda

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Last-Modified
Fri, 09 Sep 2022 20:21:30 GMT
Server
nginx/1.12.1
ETag
"631ba04a-3300"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13056
Expires
Tue, 11 Oct 2022 05:03:26 GMT
picture1.jpg
zdorovia.com.ua/uploads/dsn/25/f2/002/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/25/f2/002/picture1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
3181a6a7a2c06416588a4e063835776a602124463e487821e85fcacfe653618c

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Last-Modified
Fri, 09 Sep 2022 10:28:09 GMT
Server
nginx/1.12.1
ETag
"631b1539-3bfc"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15356
Expires
Tue, 11 Oct 2022 05:03:26 GMT
1423595202_5141.jpg
zdorovia.com.ua/uploads/dsn/c2/e3/002/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/c2/e3/002/1423595202_5141.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
e6c3b6feb38d27681b658abdcf4a0b477c68686e78c7b0794abe981dec40191b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Last-Modified
Fri, 09 Sep 2022 09:59:29 GMT
Server
nginx/1.12.1
ETag
"631b0e81-61b2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25010
Expires
Tue, 11 Oct 2022 05:03:26 GMT
7ebb27bfdbd5ed2706c341ff2e859f541.jpg
zdorovia.com.ua/uploads/dsn/cf/90/003/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/cf/90/003/7ebb27bfdbd5ed2706c341ff2e859f541.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
4eaea82dea4dd594eb694282b30d0b2a98e71c76ada9172745743da94ad855da

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Last-Modified
Wed, 31 Aug 2022 07:59:10 GMT
Server
nginx/1.12.1
ETag
"630f14ce-614f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24911
Expires
Tue, 11 Oct 2022 05:03:26 GMT
26280a6-482031103-a9064a98621.jpg
zdorovia.com.ua/uploads/dsn/a5/a7/003/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/a5/a7/003/26280a6-482031103-a9064a98621.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
75ce665c38835e7f7d9550edc427b23a0b946e9f07bb0b3090e9be6549486590

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Last-Modified
Wed, 31 Aug 2022 08:14:03 GMT
Server
nginx/1.12.1
ETag
"630f184b-4bc0"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19392
Expires
Tue, 11 Oct 2022 05:03:26 GMT
cor_2_16159004911.jpg
zdorovia.com.ua/uploads/dsn/ee/06/001/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/ee/06/001/cor_2_16159004911.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
0193a52f03590d337d19fd289faaad667b39c6b98ba7d028c9590f209b612cbb

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Last-Modified
Wed, 31 Aug 2022 08:18:15 GMT
Server
nginx/1.12.1
ETag
"630f1947-575f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22367
Expires
Tue, 11 Oct 2022 05:03:26 GMT
style.css
zdorovia.com.ua/engine/plugins/diseases/style/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/diseases/style/style.css
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
306d5342ca0b82a5881ce148bbd99134d736d0fa462a683e56503801e36fdd93

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-121b"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4635
Expires
Tue, 11 Oct 2022 05:03:25 GMT
style.css
zdorovia.com.ua/engine/plugins/medicines/style/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/medicines/style/style.css
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
234974ef7ff86c2e11dc738796ccf88501649f864fad7d2d30b45f10211cb8c8

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-135c"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4956
Expires
Tue, 11 Oct 2022 05:03:25 GMT
4630_1.jpg
zdorovia.com.ua/uploads/images/default/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/images/default/4630_1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
8b2ab6a7fe3ae86fb84fb7cebcf072592cef358bb73db32fdf2acc0758d63539

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-78ec"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30956
Expires
Tue, 11 Oct 2022 05:03:25 GMT
7849_vk.jpg
nashamama.com/uploads/images/default/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nashamama.com/uploads/images/default/7849_vk.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
aa2e6d7260e270393b7b3f3426f0c8217e6eda69d9fbe7bfaf07de071cfc024f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Sun, 21 Dec 2014 01:49:38 GMT
Server
nginx/1.12.1
ETag
"54962732-3463"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13411
Expires
Tue, 11 Oct 2022 05:03:25 GMT
1540_fb.jpg
nashamama.com/uploads/images/default/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nashamama.com/uploads/images/default/1540_fb.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
eb49762bac0f22b332fc93eb47e3e4799e052b05f07073b8be9f1616baf75162

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Sun, 21 Dec 2014 01:49:30 GMT
Server
nginx/1.12.1
ETag
"5496272a-33c2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13250
Expires
Tue, 11 Oct 2022 05:03:25 GMT
5194_tv.jpg
nashamama.com/uploads/images/default/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nashamama.com/uploads/images/default/5194_tv.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b3d07383eaafa1a28161e0d58a2cce46a6adb2836603eea46f3676b54cc0cd49

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Sun, 21 Dec 2014 01:49:47 GMT
Server
nginx/1.12.1
ETag
"5496273b-359d"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13725
Expires
Tue, 11 Oct 2022 05:03:25 GMT
3_1_3.png
i.i.ua/r/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.i.ua/r/3_1_3.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
104.18.3.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a46e02aed78b4773f4039ad8807da53fed0c2384a53b5e2afe6ad6ada85d4336

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 28 Sep 2006 16:33:08 GMT
Server
cloudflare
Age
163426
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
748ddb59797435cb-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
2143
Expires
Mon, 04 Sep 2023 08:57:25 GMT
logo
counter.yadro.ru/ 		672 B
896 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://counter.yadro.ru/logo?57.1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
0W/0.8c /
Resource Hash
3e25b0478e495776aeb31dbca4c92a9bffbad68161f91e261ef88aaf4ea2dd71

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Sun, 09 Sep 2001 01:46:40 GMT
Server
0W/0.8c
Connection
Close
Content-Type
image/gif
Content-Length
672
Expires
Sun, 10 Sep 2023 21:00:00 GMT
iframe_api
www.youtube.com/ 		992 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/youtube.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f347fcfc50a2369431e1317fd620a222e26e33e775a3bc19d117dc015f0389e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Sun, 11 Sep 2022 05:03:25 GMT
vast.js
cdn.admixer.net/scripts3/r/ 		136 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.admixer.net/scripts3/r/vast.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e2cbfcacc9d5d0f8871ee8f217873a4dc579c80403940429af11fbe2ec021b12

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-ID
fr5-up-gc17
Date
Sun, 11 Sep 2022 05:03:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2018 13:43:44 GMT
Server
nginx
ETag
W/"5a60a490-21e4b"
Vary
Accept-Encoding
X-Cached-Since
2022-08-23T09:36:31+00:00
Content-Type
application/javascript
Cache-Control
max-age=31622400
Transfer-Encoding
chunked
Connection
keep-alive
Cache
HIT
Expires
Thu, 24 Aug 2023 09:36:31 GMT
branding
a4p.adpartner.pro/
Redirect Chain
  • http://a4p.adpartner.pro/branding?id=1550&0.12084209842762506
  • https://a4p.adpartner.pro/branding?id=1550&0.12084209842762506
11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/branding?id=1550&0.12084209842762506
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
34d32d198ac914ad4a9d11d0a2269e8cc2c0c68a769585759078020987c4a6b4

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:25 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8

Redirect headers

Location
https://a4p.adpartner.pro/branding?id=1550&0.12084209842762506
Date
Sun, 11 Sep 2022 05:03:25 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
162
Content-Type
text/html
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4843
date
Sun, 11 Sep 2022 03:42:42 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Sun, 11 Sep 2022 05:42:42 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
hit
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u043...
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u04...
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u...
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.7629600815152338
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:26 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 10 Sep 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:26 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.7629600815152338
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Fri, 10 Sep 2021 21:00:00 GMT
s
r.i.ua/ 		43 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://r.i.ua/s?u152465&p0&n0.8629442459630283&c1&d24&w1600&h1200&rzdorovia.com.ua/
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
104.18.3.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:25 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
P3P
policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
CF-RAY
748ddb596c63549f-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires
0
/
zdorovia.com.ua/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 / PHP/5.4.45-0+deb7u14
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:25 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
X-Powered-By
PHP/5.4.45-0+deb7u14
Transfer-Encoding
chunked
Content-Type
text/html; charset=Windows-1251
cache-control
private
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
header-searchform-button.png
zdorovia.com.ua/templates/default3/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/img/header-searchform-button.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
e58dd6001ec35b05f71949fda9688eaf3a6a9e01a60f07b7bc99dd030485735c

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-ba5"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2981
Expires
Tue, 11 Oct 2022 05:03:25 GMT
logo-header.png
zdorovia.com.ua/templates/default3/images/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/images/logo-header.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
a29306e7be8b3e743bf8a8431491142e215bf9bb31a004b13f591a4e1c9acc06

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-67ad"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26541
Expires
Tue, 11 Oct 2022 05:03:25 GMT
arrows.png
zdorovia.com.ua/templates/default3/img/ 		251 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/img/arrows.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
d485c4dc543229efe5d97016e8b0efec6824111dbc9aca88d586ece94fa7ab11

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:25 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-fb"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
251
Expires
Tue, 11 Oct 2022 05:03:25 GMT
page.php
www.facebook.com/plugins/ Frame 7CC3 		15 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5b2a1c3c00aa27ba5b7aff91d06ddba6df439f59de660464e7d318a42eca2a90
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Sun, 11 Sep 2022 05:03:25 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
3e55uxgu+RWiQIMX/fV8kG/V0lOurqspS1rEAGirJ8yqQQRQ0fgAjjZI5KWVA4V/SJHiMUxMbIxh8dhqIZgXOw==
x-fb-rlafr
0
x-xss-protection
0
01.png
i.bigmir.net/cnt/
Redirect Chain
  • http://c.bigmir.net/?v16918126&s16916513&t1&c1&n107908&w0&y0&d24&r1600
  • http://i.bigmir.net/cnt/01.png
769 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.bigmir.net/cnt/01.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
rs.img.com.ua
Software
nginx /
Resource Hash
1dd7796d72b2353ca592f216dca81af1aff9eed564a0c1ed5d7555af6f3bb34d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Last-Modified
Sun, 02 Oct 2005 23:04:59 GMT
Server
nginx
ETag
"4340679b-301"
Content-Type
image/png
Cache-Control
max-age=259200
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
769
Expires
Wed, 14 Sep 2022 05:03:26 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:25 GMT
Server
nginx
Transfer-Encoding
chunked
Location
//i.bigmir.net/cnt/01.png
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
link-arrow.png
zdorovia.com.ua/templates/default3/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/img/link-arrow.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
1c25aef47c67b97e59beabef6f8710905a2cfa67f9579478ebde8bee5ffb57d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-bcd"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3021
Expires
Tue, 11 Oct 2022 05:03:26 GMT
www-widgetapi.js
www.youtube.com/s/player/977792fa/www-widgetapi.vflset/ 		161 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/977792fa/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d066e71f460f47d443274fbbb4b550bd1d68e2d4df4ad39e8117cdd3b3d9867
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 04:55:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
503
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53533
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 00:15:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 11 Sep 2023 04:55:02 GMT
ttFuSqI_Wt3.css
static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/ Frame 7CC3 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/ttFuSqI_Wt3.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
60ea33fa5064cec35e47e6c4b12abdbfe0c06b47d8cfee8e9496d1984e5df56a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
A/8HSk7A3GW+EcAgN0jv6g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
5406
x-fb-rlafr
0
x-fb-debug
55T7H2AWw177hLJ1eviEh/jNL5p44cBQeanSd1IJcv8cU+G2MnpddthcOFgVFYmbl97H+dNA9ZZk4Dj2oW2DjQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 10 Sep 2023 15:11:01 GMT
ga-audiences
www.google.co.uk/ads/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=916567850&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=916567850&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmd...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37123827-1&cid=1696631988.1662872606&jid=1912021392&_v=5.7.2&z=916567850
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1696631988.1662872606&jid=1912021392&_v=5.7.2&z=916567850
  • https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1696631988.1662872606&jid=1912021392&_v=5.7.2&z=916567850&slf_rd=1&random=1507647729
42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1696631988.1662872606&jid=1912021392&_v=5.7.2&z=916567850&slf_rd=1&random=1507647729
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:26 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1696631988.1662872606&jid=1912021392&_v=5.7.2&z=916567850&slf_rd=1&random=1507647729
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
branding.min.js
a4p.adpartner.pro/apstc/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.425
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.12084209842762506
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:26 GMT
cache-control
no-store no-transform
last-modified
Wed, 31 Aug 2022 13:16:12 GMT
server
nginx
content-encoding
br
etag
W/"630f5f1c-35bf"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame C986 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=c3d58b95-d5ec-43e4-9247-1f14712497c1&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.12084209842762506
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Sun, 11 Sep 2022 05:03:26 GMT
server
nginx
ls
a4p.adpartner.pro/branding/ Frame 9866 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=34360240315586376&apuid=c258bbdd-272f-4551-b560-ae15395fcb10&session_pageview=1&session_id=c3d58b95-d5ec-43e4-9247-1f14712497c1&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.12084209842762506
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
6d03236ed9095e8798e2d5fea4148ce1234c1b3f5cb9b4ac2e3ca96cd65d0688

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 11 Sep 2022 05:03:26 GMT
server
nginx
c.html
cdn.admixer.net/scripts3/49044/ Frame D2E1 		738 B
542 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Sun, 11 Sep 2022 05:03:26 GMT
etag
W/"63049f42-2e2"
expires
Thu, 24 Aug 2023 09:38:18 GMT
last-modified
Tue, 23 Aug 2022 09:34:58 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-08-23T09:38:18+00:00
x-id
fr5-up-gc28
a21031c0f6a0994b3314.b.js
cdn.admixer.net/scripts3/49044/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/49044/a21031c0f6a0994b3314.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Sun, 11 Sep 2022 05:03:26 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:56 GMT
server
nginx
etag
W/"63049f40-5d41"
vary
Accept-Encoding
x-cached-since
2022-08-23T09:38:17+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Thu, 24 Aug 2023 09:38:17 GMT
0a75d04ce9f53a1a35b6.b.js
cdn.admixer.net/scripts3/49044/ 		75 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/49044/0a75d04ce9f53a1a35b6.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Sun, 11 Sep 2022 05:03:26 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:45 GMT
server
nginx
etag
W/"63049f35-12c39"
vary
Accept-Encoding
x-cached-since
2022-09-01T11:00:25+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 02 Sep 2023 11:00:25 GMT
c.html
cdn.admixer.net/scripts3/49044/ Frame 1878 		738 B
405 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Sun, 11 Sep 2022 05:03:26 GMT
etag
W/"63049f42-2e2"
expires
Thu, 24 Aug 2023 09:38:18 GMT
last-modified
Tue, 23 Aug 2022 09:34:58 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-08-23T09:38:18+00:00
x-id
fr5-up-gc28
analytics.js
www.google-analytics.com/ Frame 9866 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=34360240315586376&apuid=c258bbdd-272f-4551-b560-ae15395fcb10&session_pageview=1&session_id=c3d58b95-d5ec-43e4-9247-1f14712497c1&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a4p.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
86
date
Sun, 11 Sep 2022 05:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 11 Sep 2022 07:02:00 GMT
branding
a4p.adpartner.pro/ Frame 9866 		1 KB
882 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/branding?id=1550&session_id=c3d58b95-d5ec-43e4-9247-1f14712497c1&session_pageview=1&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=34360240315586376&apuid=c258bbdd-272f-4551-b560-ae15395fcb10&session_pageview=1&session_id=c3d58b95-d5ec-43e4-9247-1f14712497c1&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
cc97d2351c38cc3a52b8cf3fa51d2548b9c0b654e0e9e636799edee48606c5a7

Request headers

Referer
https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=34360240315586376&apuid=c258bbdd-272f-4551-b560-ae15395fcb10&session_pageview=1&session_id=c3d58b95-d5ec-43e4-9247-1f14712497c1&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Sun, 11 Sep 2022 05:03:26 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
dsp.aspx
inv-nets.admixer.net/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=4635180828198446&cpv=de869737-05f1-835b-64de-b97fe5ca6909&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%221efc0885-cc13-02d4-d623-50099c942f0d%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%227de5426e-d332-ac64-bf5c-5023cec3cf45%22%2C%22tagid%22%3A%222d179f8a-367f-49ed-9a1f-d77deb57f009%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_2d179f8a367f49ed9a1fd77deb57f009_zone_2586_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%223b2f9495-3e72-2f97-966d-a9260f7d1f4e%22%2C%22tagid%22%3A%22cdadfe55-ba49-47d5-9918-cc04aa357b98%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_cdadfe55ba4947d59918cc04aa357b98_zone_3636_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22d4c53c9b-5595-ed1c-3a19-877633d8f0b8%22%2C%22tagid%22%3A%2293ae9d99-966b-415b-9964-9dc2489da01f%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_93ae9d99966b415b99649dc2489da01f_zone_6048_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A3%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
d42cc20aa474e9559445bad60e1cddf4d57611e12c2964a4237c437ae7bfc6a1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
1749
X-Xss-Protection
0
dsp.aspx
ads.go2net.com.ua/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=8864525625439115&cpv=de869737-05f1-835b-64de-b97fe5ca6909&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%2242050f86-8d9f-3654-1a21-ababa5765c65%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2238dc0f0f-021a-5d3f-dcd6-b7cc3d4003c7%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%2C%7B%22id%22%3A%22265d498f-01b4-5635-fb50-c9b917745fdb%22%2C%22tagid%22%3A%22211243eb-11ba-464c-a0c6-ba847f55b0ad%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_211243eb11ba464ca0c6ba847f55b0ad_zone_13175_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A2%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
ad16ba41bfd749b84d3812064231f0540eb92202b60870d66d6289120f472eeb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
3272
X-Xss-Protection
0
background_empty.jpg
file.adpartner.pro/2297/2297845/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.adpartner.pro/2297/2297845/background_empty.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:26 GMT
last-modified
Fri, 03 Dec 2021 11:35:48 GMT
server
nginx
etag
"61aa0114-3439"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
13369
if
a4p.adpartner.pro/tracker/ Frame A7D5 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522c258bbdd-272f-4551-b560-ae15395fcb10%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25220cea86eb-d8e2-45fc-ae58-0791dedb3f9a%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25220cea86eb-d8e2-45fc-ae58-0791dedb3f9a%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sun, 11 Sep 2022 05:03:26 GMT
expires
0
pragma
no-cache
server
nginx
e1eee23f36481a69453f.b.js
cdn.admixer.net/scripts3/49044/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/49044/e1eee23f36481a69453f.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Sun, 11 Sep 2022 05:03:26 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:35:01 GMT
server
nginx
etag
W/"63049f45-702f"
vary
Accept-Encoding
x-cached-since
2022-08-23T09:38:21+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Thu, 24 Aug 2023 09:38:21 GMT
fdabe098f34289659a17.b.js
cdn.admixer.net/scripts3/49044/ 		42 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/49044/fdabe098f34289659a17.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Sun, 11 Sep 2022 05:03:26 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:35:02 GMT
server
nginx
etag
W/"63049f46-a793"
vary
Accept-Encoding
x-cached-since
2022-08-23T09:38:22+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Thu, 24 Aug 2023 09:38:22 GMT
84011c43c3075e543c6d.b.js
cdn.admixer.net/scripts3/49044/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/49044/84011c43c3075e543c6d.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Sun, 11 Sep 2022 05:03:26 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:54 GMT
server
nginx
etag
W/"63049f3e-326c"
vary
Accept-Encoding
x-cached-since
2022-08-23T09:38:22+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Thu, 24 Aug 2023 09:38:22 GMT
7103cce7fa6705169441.b.js
cdn.admixer.net/scripts3/49044/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/49044/7103cce7fa6705169441.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Sun, 11 Sep 2022 05:03:26 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:52 GMT
server
nginx
etag
W/"63049f3c-2a79"
vary
Accept-Encoding
x-cached-since
2022-08-23T09:38:22+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Thu, 24 Aug 2023 09:38:22 GMT
5927ef40e4a80e0040be.b.js
cdn.admixer.net/scripts3/49044/ 		215 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/49044/5927ef40e4a80e0040be.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Sun, 11 Sep 2022 05:03:26 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:51 GMT
server
nginx
etag
W/"63049f3b-35ac7"
vary
Accept-Encoding
x-cached-since
2022-08-23T09:38:22+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Thu, 24 Aug 2023 09:38:22 GMT
ImgSync
image8.pubmatic.com/AdServer/ 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:26 GMT
content-length
0
bounce
ib.adnxs.com/
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=533&code=2650b874216d40149f135c67cf7859db
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D2650b874216d40149f135c67cf7859db
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D2650b874216d40149f135c67cf7859db
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:26 GMT
X-Proxy-Origin
217.138.196.108; 217.138.196.108; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
d3f8212b-0177-439f-a5c8-8e01bd7e4038
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:26 GMT
X-Proxy-Origin
217.138.196.108; 217.138.196.108; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
a9e3ef28-4fca-4336-bca0-af749cf41fd9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D2650b874216d40149f135c67cf7859db
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm-notify
creativecdn.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admixer
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:26 GMT, Sun, 11 Sep 2022 05:03:26 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://creativecdn.com/cm-notify?pi=admixer&tc=1
date
Sun, 11 Sep 2022 05:03:26 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
adx.adform.net/adx/
Redirect Chain
  • https://adx.adform.net/adx/?rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_727725&url=http%3A%2F%2Fzdorovia.com.ua%2F
  • https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_727725&url=http%3A%2F%2Fzdorovia.com.ua%2F
28 B
583 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_727725&url=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c89adb6a38f363d68b48f7281b2d6c057cf8df24b3cb4f93ca2f6aefcc42c716
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:26 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:26 GMT
server
nginx
location
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_727725&url=http%3A%2F%2Fzdorovia.com.ua%2F
access-control-max-age
86400
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
publishertag.js
static.criteo.net/js/ld/ 		120 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c1668d86b5d7e7ed9f1dd299ba412d92b3fc92256887fb4c0e1d197aae5e037c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:26 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 21:49:04 GMT
server
nginx
etag
W/"630fd750-1e137"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 12 Sep 2022 05:03:26 GMT
55453de97a118ce9
ads.us.e-planning.net/uspd/1/ Frame A422
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
1 KB
1015 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=8864525625439115&cpv=de869737-05f1-835b-64de-b97fe5ca6909&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%2242050f86-8d9f-3654-1a21-ababa5765c65%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2238dc0f0f-021a-5d3f-dcd6-b7cc3d4003c7%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%2C%7B%22id%22%3A%22265d498f-01b4-5635-fb50-c9b917745fdb%22%2C%22tagid%22%3A%22211243eb-11ba-464c-a0c6-ba847f55b0ad%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_211243eb11ba464ca0c6ba847f55b0ad_zone_13175_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A2%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
4730d2574ae3e652cdc2b9f013e45879baacf9a46086b5996f49de63476da1cb

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Sun, 11 Sep 2022 05:03:26 GMT
expires
Sun, 11 Sep 2022 05:03:26 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-927

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Sun, 11 Sep 2022 05:03:26 GMT
location
/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-927
sync.html
s.adtelligent.com/ Frame 5A96 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=707176
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=8864525625439115&cpv=de869737-05f1-835b-64de-b97fe5ca6909&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%2242050f86-8d9f-3654-1a21-ababa5765c65%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2238dc0f0f-021a-5d3f-dcd6-b7cc3d4003c7%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%2C%7B%22id%22%3A%22265d498f-01b4-5635-fb50-c9b917745fdb%22%2C%22tagid%22%3A%22211243eb-11ba-464c-a0c6-ba847f55b0ad%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_211243eb11ba464ca0c6ba847f55b0ad_zone_13175_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A2%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5126:0:ae1f:6bff:fec1:ad72 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
d97ff0af3a6068985d710149cf1fe91469ddae60a8a0415f1e6b8a777442937d

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
http://zdorovia.com.ua
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1275
Content-Type
text/html; charset=UTF-8
Date
Sun, 11 Sep 2022 05:03:26 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
onetag-sys.com/usync/ Frame 314B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59d216e971852f2
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=8864525625439115&cpv=de869737-05f1-835b-64de-b97fe5ca6909&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%2242050f86-8d9f-3654-1a21-ababa5765c65%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2238dc0f0f-021a-5d3f-dcd6-b7cc3d4003c7%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%2C%7B%22id%22%3A%22265d498f-01b4-5635-fb50-c9b917745fdb%22%2C%22tagid%22%3A%22211243eb-11ba-464c-a0c6-ba847f55b0ad%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_211243eb11ba464ca0c6ba847f55b0ad_zone_13175_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A2%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pic.gif
pa.tns-ua.com/bug/
Redirect Chain
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=2650b874216d40149f135c67cf7859db
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z85C2EC333B2445984B797926C71413B&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=2650b874216d40149f135c67cf7859db
56 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z85C2EC333B2445984B797926C71413B&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=2650b874216d40149f135c67cf7859db
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:26 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.13.0
content-type
image/gif
expires
-1

Redirect headers

location
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z85C2EC333B2445984B797926C71413B&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=2650b874216d40149f135c67cf7859db
date
Sun, 11 Sep 2022 05:03:26 GMT
cache-control
no-cache
server
nginx/1.13.0
content-length
0
expires
-1
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=d049377d-1527-52fe-83d4-1983e0c9759d
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=d049377d-1527-52fe-83d4-1983e0c9759d
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=d049377d-1527-52fe-83d4-1983e0c9759d
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sfaf25.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/sfaf25.gif?puid=2650b874216d40149f135c67cf7859db
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
sync.html
s.console.adtarget.com.tr/ 		63 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=517350
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5149:0:c634:6bff:fefd:5008 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b7c43fd75a6ed3a267427a714feebb9a1e4ba350dc540ffb2cddb472ac27bc25

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
Adtelligent
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
http://zdorovia.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
63
32f540592c6f5d89e450bc780e487e2a.gif
cs.mobfox.com/ 		42 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=2650b874216d40149f135c67cf7859db&redir=[RED]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.206 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:26 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
idsync
idsync.admixer.co.kr/ 		43 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.admixer.co.kr:4450/idsync?pid=103&uid=2650b874216d40149f135c67cf7859db
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.110.238.136 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11-Sep-2022 14:03:27 +0900
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control
private, max-age=0, no-cache, no-store
Connection
close
Content-Type
image/gif;
Content-Length
43
Expires
Mon, 01 Jan 2000 00:00:00 +0900
cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=2650b874216d40149f135c67cf7859db&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=2650b874216d40149f135c67cf7859db&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=admixer
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7212381495254490937&ssp=admixer
  • https://inv-nets.admixer.net/bs/cm.aspx?id=7ed7d17e-2340-4908-b295-fd8e75af5fc8&gdpr=&consent=&gdpr_pd=
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/bs/cm.aspx?id=7ed7d17e-2340-4908-b295-fd8e75af5fc8&gdpr=&consent=&gdpr_pd=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

Location
//inv-nets.admixer.net/bs/cm.aspx?id=7ed7d17e-2340-4908-b295-fd8e75af5fc8&gdpr=&consent=&gdpr_pd=
Date
Sun, 11 Sep 2022 05:03:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
mmr445.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/mmr445.gif?gdpr=&gdpr_consent=[GDPRConsent]&us_privacy=[USPrivacy]&coppa=[COPPA]&puid=2650b874216d40149f135c67cf7859db
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
1px-matching-go2net.gif
m.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=2650b874216d40149f135c67cf7859db
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
1px-matching-admixer.gif
m.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-admixer.gif?id=2650b874216d40149f135c67cf7859db
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
ImgSync
image8.pubmatic.com/AdServer/ 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D2650b874216d40149f135c67cf7859db
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:25 GMT
content-length
0
admixer
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=2650b874216d40149f135c67cf7859db
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=2650b874216d40149f135c67cf7859db
43 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=2650b874216d40149f135c67cf7859db
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
116.202.236.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.236.202.116.clients.your-server.de
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
server
nginx
content-length
43
serverid
TODO
content-type
image/gif

Redirect headers

location
/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=2650b874216d40149f135c67cf7859db
date
Sun, 11 Sep 2022 05:03:26 GMT
server
nginx
etag
W/"b065cce634bc4a1e0f3d86b0831aeb69c16c1537a1380db86857c1813e3a834a"
content-length
122
serverid
TODO
content-type
text/html; charset=utf-8
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=c258bbdd-272f-4551-b560-ae15395fcb10
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=c258bbdd-272f-4551-b560-ae15395fcb10
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=c258bbdd-272f-4551-b560-ae15395fcb10
date
Sun, 11 Sep 2022 05:03:26 GMT
cache-control
no-store no-transform
server
nginx
content-length
190
content-type
text/html; charset=utf-8
sync
t.adx.opera.com/ 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60022&uid=2650b874216d40149f135c67cf7859db
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
usermatchredir
r.casalemedia.com/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D
  • https://r.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
43 B
826 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
748ddb630b54dc41-LHR
pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xCkmee37cbJzywFgrNGDwjT%2BGGM15e9nfddgRkKfKBVySsIb2lgGIjOHlPzAy%2F0Dgef92GD%2FLxjOaiWoA3WnZfHHxCCSyRwSUmsvOYWYT9ctJ1Q9Kg9CLx8teI8iSUlSFsL"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0

Redirect headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKmmQJFFkKYFXgOX6gi7RB7WqUNYuDyMS%2F3o4H2veFHgAmv0LsO%2FWmmjp7djVo%2B4PAhUZn2%2BsOZQicXB9gKZ%2Bjy56WK%2Ftq7j3Jjn14o90eK8qTz%2FMxjrfywDSaE0iJWU%2F1BIiha8oVfQag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://r.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
content-type
text/html; charset=iso-8859-1
cache-control
no-cache
cf-ray
748ddb61ddd788b5-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58613/occ
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-_B4mMp1E2uGpB9xTbnxBX0Y8KDzpwD5FHful2VY-~A
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-_B4mMp1E2uGpB9xTbnxBX0Y8KDzpwD5FHful2VY-~A
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-_B4mMp1E2uGpB9xTbnxBX0Y8KDzpwD5FHful2VY-~A
date
Sun, 11 Sep 2022 05:03:27 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
ap.lijit.com/ 		0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 11 Sep 2022 05:03:27 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap6ams1
access-control-allow-methods
GET, POST, DELETE, PUT
admixer-sync
rtb.com.ru/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.com.ru/admixer-sync?uid=2650b874216d40149f135c67cf7859db
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
83.222.114.189 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
nginx/1.18.0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3D2650b874216d...
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=1221b59f-318f-11ed-9c9a-801844df0ab8
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=lemma&bsw_custom_parameter=7ed7d17e-2340-4908-b295-fd8e75af5fc8
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=lemma&expires=10&bsw_param=7ed7d17e-2340-4908-b295-fd8e75af5fc8
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=7ed7d17e-2340-4908-b295-fd8e75af5fc8
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=1221b59f-318f-11ed-9c9a-801844df0ab8
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dlemma
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dlemma
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=3bd810cb-550e-404c-a941-155acb5e953f&ssp=lemma
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=7ed7d17e-2340-4908-b295-fd8e75af5fc8
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=2650b874216d40149f135c67cf7859db1221b59f-318f-11ed-9c9a-801844df0ab8
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=2650b874216d40149f135c67cf7859db1221b59f-318f-11ed-9c9a-801844df0ab8
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:29 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:29 GMT
vary
Origin
content-type
text/html; charset=utf-8
location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=2650b874216d40149f135c67cf7859db1221b59f-318f-11ed-9c9a-801844df0ab8
cache-control
no-cache, no-store, must-revalidate
content-length
179
expires
0
zdorovia.com.ua_160x600_br1.html
file.adpartner.pro/2297/2297845/ Frame 7DAB 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_34360240315586376&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D77a2724d956f31dbc21c89e7cf9c9800
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.425
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
8f4b262ea13458af3f7508f3c93ac3589bbc01793104d9bfc041de85fcef79f2

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Sun, 11 Sep 2022 05:03:26 GMT
etag
W/"62947f06-cf9"
last-modified
Mon, 30 May 2022 08:23:34 GMT
server
nginx
if
a4p.adpartner.pro/tracker/ Frame BA44 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522c258bbdd-272f-4551-b560-ae15395fcb10%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25220cea86eb-d8e2-45fc-ae58-0791dedb3f9a%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25220cea86eb-d8e2-45fc-ae58-0791dedb3f9a%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sun, 11 Sep 2022 05:03:26 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 7639 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522c258bbdd-272f-4551-b560-ae15395fcb10%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25220cea86eb-d8e2-45fc-ae58-0791dedb3f9a%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25220cea86eb-d8e2-45fc-ae58-0791dedb3f9a%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sun, 11 Sep 2022 05:03:26 GMT
expires
0
pragma
no-cache
server
nginx
loader2.js
scripts.go2net.com.ua/scripts3/ Frame 9A60 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc16
date
Sun, 11 Sep 2022 05:03:26 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:39 GMT
server
nginx
etag
W/"63049f2f-2c101"
x-cached-since
2022-09-07T13:45:10+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Fri, 26 Aug 2022 13:50:42 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame F1AA 		164 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
606ddaed8405179d74f99487d0ca7c0d2488ebafa684e2600c3ea2803e926d05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57434
x-xss-protection
0
server
cafe
etag
12499487468990994031
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 05:03:27 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 8FF8 		164 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95c5ddab27c144fea94a0a11b701414030e3d7a0d8e043525db61ecdadbcf429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57425
x-xss-protection
0
server
cafe
etag
8794497522335205809
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 05:03:27 GMT
media
a4p.adpartner.pro/ Frame 1DC0
Redirect Chain
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
3e2d71b70123d5668b745014d9ab2501c033020e94d773d735280ccb155f6cd8

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8

Redirect headers

Location
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
162
Content-Type
text/html
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=2650b874216d40149f135c67cf7859db&cet=4&zone=93AE9D99-966B-415B-9964-9DC2489DA01F&rule=F3EF79B2-6D00-49A9-BD57-2DD742B532C5&requestId=606f76f7-1d3f-41ea-badd-74ac44fff714&hp=1048539382&page=zdorovia.com.ua%2F&pvid=d4767cec-43a9-435e-be5b-9f6d1035bd4c&inst=ADS-EU-6&ts=637984694063393548&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=2650b874216d40149f135c67cf7859db&cet=4&zone=CDADFE55-BA49-47D5-9918-CC04AA357B98&rule=F7CAC5CE-3E5F-4671-95C3-F259A87AC033&requestId=d53fc6a4-3fca-417d-a7ba-1d34b3479f15&hp=1048539382&page=zdorovia.com.ua%2F&pvid=d4767cec-43a9-435e-be5b-9f6d1035bd4c&inst=ADS-EU-6&ts=637984694063393548&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=2650b874216d40149f135c67cf7859db&cet=4&zone=2D179F8A-367F-49ED-9A1F-D77DEB57F009&rule=D1C84BF2-B360-43A6-B9BA-D08AD0CF3C93&requestId=291e2e41-dad9-491a-80b7-b576251b1999&hp=1048539382&page=zdorovia.com.ua%2F&pvid=d4767cec-43a9-435e-be5b-9f6d1035bd4c&inst=ADS-EU-6&ts=637984694063393548&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
ads.go2net.com.ua/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=2650b874216d40149f135c67cf7859db&cet=4&zone=ED2476D6-DC6A-46B4-B1F9-1613392C7015&rule=8CE3A43A-8167-46D4-BBE3-364D0CBC2653&requestId=2c3ef93e-2ef3-40f5-ae63-23cb042b1d68&hp=1048539382&page=zdorovia.com.ua%2F&pvid=1fc12bc1-ce96-4937-b78b-7723e7569e75&inst=ADS-EU-6&ts=637984694063571656&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 7DAB 		116 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_34360240315586376&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D77a2724d956f31dbc21c89e7cf9c9800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc429f4a056bb2e658217196c3984ed2eca12cf9f1b2618988d5f1dc2c2465c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40163
x-xss-protection
0
server
cafe
etag
13296299724674120401
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 05:03:26 GMT
ptag
a.audrte.com/ Frame A422 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
d08e45615e5ae0ee4a03831259ce7a93d30fb6cfb1898c360e9201887c7d1618

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1684
um
u-ams03.e-planning.net/ Frame A422
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D1b32227e1595abe2%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=1b32227e1595abe2&uid=7860071964432485354
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=1b32227e1595abe2&uid=7860071964432485354
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:26 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:26 GMT
X-Proxy-Origin
217.138.196.108; 217.138.196.108; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
d11fe2b5-1762-4700-ae4e-4d6d69078002
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=1b32227e1595abe2&uid=7860071964432485354
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dtscout20220831.js
s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/ Frame A422 		478 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/dtscout20220831.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:25 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 19:37:37 GMT
server
openresty
etag
W/"630fb881-1de"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Fri, 10 Sep 2027 05:03:25 GMT
usync.html
eus.rubiconproject.com/ Frame C13A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 11 Sep 2022 05:03:26 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 11 Sep 2022 05:03:26 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 740B 		1 KB
987 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Sun, 11 Sep 2022 05:03:26 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 22 Aug 2027 12:50:43 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
28.034
x-cf-tsc
1661259044
x-cf1
29080:dC.waw1:co:1585621119:cacheN.waw1-01:D
x-cf2
H
x-cf3
M
x-cff
B
/
onetag-sys.com/usync/ Frame 5023 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 66A8 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
283c46e2d1f471a41280f8726939e8b2e7a39ec87ec57ffe480069e7bae1b702

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
748ddb60be6c0229-ZRH
content-encoding
br
content-type
text/html
date
Sun, 11 Sep 2022 05:03:26 GMT
server
cloudflare
vary
Origin
via
1.1 google
/
ads.us.e-planning.net/uspd/1/ Frame CA4F 		1 KB
895 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
bcb5c16a0a01f9dfd4a58bc8011eab5970423057a181e33cdc1c2a000324400b

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Sun, 11 Sep 2022 05:03:26 GMT
expires
Sun, 11 Sep 2022 05:03:26 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-927
csync
sync.adtelligent.com/ Frame 407F
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=ccf96e1a-2078-49ff-887c-a269928c2859
0
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=ccf96e1a-2078-49ff-887c-a269928c2859
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Sun, 11 Sep 2022 05:03:26 GMT
Etag
4fca4293ba7735cb
Server
Adtelligent

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
748ddb60fbeb01fc-ZRH
content-length
0
date
Sun, 11 Sep 2022 05:03:26 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=ccf96e1a-2078-49ff-887c-a269928c2859
server
cloudflare
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3E89 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=83438
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 11 Sep 2022 05:03:26 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 12 Sep 2022 04:14:04 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 1562 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync.html
s.console.adtarget.com.tr/ Frame 2758 		1 KB
1004 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5149:0:c634:6bff:fefd:5008 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
699
Content-Type
text/html; charset=UTF-8
Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
Adtelligent
X-Robots-Tag
noindex
d
ic.tynt.com/r/ Frame 49C6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Sun, 11 Sep 2022 05:03:27 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
sync.html
s.adtelligent.com/ Frame 7199 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5126:0:ae1f:6bff:fec1:ad72 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2da35fbda1d1846dafe19cd1bc79afce518145cf24e6e7f318c5c4a18b811a0b

Request headers

Referer
https://s.adtelligent.com/sync.html?aid=707176
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
788
Content-Type
text/html; charset=UTF-8
Date
Sun, 11 Sep 2022 05:03:26 GMT
Server
Adtelligent
X-Robots-Tag
noindex
csync
sync.adtelligent.com/ Frame 5A96
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=6f5e4de7-da3e-49fe-ad64-c324afaf1037
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=6f5e4de7-da3e-49fe-ad64-c324afaf1037
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Server
Adtelligent
Etag
4fca4293ba7735cb
Content-Length
0

Redirect headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:26 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=6f5e4de7-da3e-49fe-ad64-c324afaf1037
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
1tphit49k5skcg75dacvpsv0i2lb7ta9
csync
sync.adtelligent.com/ Frame 5A96
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=74d885a6-b5c5-4b16-9f24-19519f99385c
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=74d885a6-b5c5-4b16-9f24-19519f99385c
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Server
Adtelligent
Etag
4fca4293ba7735cb
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=74d885a6-b5c5-4b16-9f24-19519f99385c
date
Sun, 11 Sep 2022 05:03:26 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
ap.lijit.com/ Frame 5A96 		0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 11 Sep 2022 05:03:26 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap6ams1
access-control-allow-methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/ Frame 5A96
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7860071964432485354
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7860071964432485354
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Server
Adtelligent
Etag
4fca4293ba7735cb
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:26 GMT
X-Proxy-Origin
217.138.196.108; 217.138.196.108; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
16b849b1-1290-48d4-8258-109a97096e07
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7860071964432485354
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 5A96
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=c258bbdd-272f-4551-b560-ae15395fcb10
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=c258bbdd-272f-4551-b560-ae15395fcb10
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Server
Adtelligent
Etag
4fca4293ba7735cb
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=c258bbdd-272f-4551-b560-ae15395fcb10
date
Sun, 11 Sep 2022 05:03:26 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame 5A96
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1662872606849
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6450993601
70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6450993601
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:26 GMT
etag
RXcdba02dfa3454f66852acc58af7717f9003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6450993601
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
expires
0
csync
sync.adtelligent.com/ Frame 5A96
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7860071964432485354
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7860071964432485354
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Server
Adtelligent
Etag
4fca4293ba7735cb
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:26 GMT
X-Proxy-Origin
217.138.196.108; 217.138.196.108; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
c3746dd9-1a6b-4bb9-b3dc-c68a7e33e010
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7860071964432485354
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
vid.vidoomy.com/ Frame 5A96 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
csync
sync.adtelligent.com/ Frame 5A96
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=2650b874216d40149f135c67cf7859db
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=2650b874216d40149f135c67cf7859db
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Server
Adtelligent
Etag
4fca4293ba7735cb
Content-Length
0

Redirect headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=2650b874216d40149f135c67cf7859db
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
ptag
a.audrte.com/ Frame CA4F 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
d08e45615e5ae0ee4a03831259ce7a93d30fb6cfb1898c360e9201887c7d1618

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1684
um
u-ams03.e-planning.net/ Frame CA4F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D1b32227e1595abe2%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=1b32227e1595abe2&uid=7860071964432485354
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=1b32227e1595abe2&uid=7860071964432485354
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:26 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:26 GMT
X-Proxy-Origin
217.138.196.108; 217.138.196.108; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
63ad285b-fe44-4f4e-8168-a270ff5efbe8
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=1b32227e1595abe2&uid=7860071964432485354
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dtscout20220831.js
s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/ Frame CA4F 		478 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/dtscout20220831.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:25 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 19:37:37 GMT
server
openresty
etag
W/"630fb881-1de"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Fri, 10 Sep 2027 05:03:25 GMT
usync.html
eus.rubiconproject.com/ Frame C5B0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 11 Sep 2022 05:03:26 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 11 Sep 2022 05:03:26 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame D812 		1 KB
987 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Sun, 11 Sep 2022 05:03:26 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 22 Aug 2027 12:50:43 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
28.034
x-cf-tsc
1661259044
x-cf1
29080:dC.waw1:co:1585621119:cacheN.waw1-01:D
x-cf2
H
x-cf3
M
x-cff
B
/
onetag-sys.com/usync/ Frame 7DAD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame C06A 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8a3a34565fedfe7002149e7898edfe950ffcf3799ffc03b3e1bee33a9400dbb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
748ddb60be6d0229-ZRH
content-encoding
br
content-type
text/html
date
Sun, 11 Sep 2022 05:03:26 GMT
server
cloudflare
vary
Origin
via
1.1 google
/
onetag-sys.com/usync/ Frame 216C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0B78 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=83438
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 11 Sep 2022 05:03:26 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 12 Sep 2022 04:14:04 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 2C27
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 11 Sep 2022 05:03:26 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 11 Sep 2022 05:03:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184-d
server
AkamaiGHost
csync
sync.adtelligent.com/ Frame 7199 		43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Server
Adtelligent
Etag
4fca4293ba7735cb
Content-Length
43
Content-Type
image/gif
cdb
bidder.criteo.com/ 		229 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=129&profileId=184&cb=32234259622
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
4d86aecb86ff197716058aff5e5ef405a3b46b3c96ec939965cc7335c88e6f3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 11 Sep 2022 05:03:25 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://zdorovia.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
200
cdb
bidder.criteo.com/ 		229 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=129&profileId=184&cb=10114352342
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
535699d430009be6bdda92b798294d2151103ba46252a465dd87c3c7b50f74ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 11 Sep 2022 05:03:26 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://zdorovia.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
201
cdb
bidder.criteo.com/ 		229 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=129&profileId=184&cb=41942756133
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b0465061f71e25d065152d823f41a2c562a11d4bafa7678c9bf648c4b56afbb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 11 Sep 2022 05:03:26 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://zdorovia.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
200
c.html
cdn.admixer.net/scripts3/49044/ Frame BEE9 		738 B
405 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Sun, 11 Sep 2022 05:03:26 GMT
etag
W/"63049f42-2e2"
expires
Thu, 24 Aug 2023 09:38:18 GMT
last-modified
Tue, 23 Aug 2022 09:34:58 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-08-23T09:38:18+00:00
x-id
fr5-up-gc28
loader2.js
scripts.go2net.com.ua/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
62dd7b0ccfa8bdaf6f9cca4f3138298c44e5bfe4da2af6ca6f400ac4f7ce8b6f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc16
date
Sun, 11 Sep 2022 05:03:26 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:39 GMT
server
nginx
etag
W/"63049f2f-2c101"
x-cached-since
2022-09-07T13:45:10+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Fri, 26 Aug 2022 13:50:42 GMT
ev_prebid.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=2650b874216d40149f135c67cf7859db&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&device=28&rule=323CA158-54EA-47F4-83D3-BA5C22D4CCE1&requestId=80440af4-7ad9-480f-9541-b52eac58a38a&hp=1048539382&page=zdorovia.com.ua%2F&segments=2%2C494%2C4&ts=637984694063571656&ap=MA%3D%3D&asign=2129425362&sync=98%2C88%2C96%2C80%2C3%2C57&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=E4391929-8523-47EC-9B3C-357AB8574452&inst=ADS-EU-6&pxl=0&pvid=1fc12bc1-ce96-4937-b78b-7723e7569e75&ip=217.138.196.108&item=F34E2A12-1873-45CF-A327-13F884B02F8C&crid=F34E2A12-1873-45CF-A327-13F884B02F8C&size=240x350&profile=4C02EB63-7790-4196-82B4-5362F7AB3A87&isopt=0&adv=N%2FA&dsp=Adform&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 11 Sep 2022 05:03:27 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
dsp.aspx
ads.go2net.com.ua/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=2315184812395048&cpv=de869737-05f1-835b-64de-b97fe5ca6909&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22e390456d-b65b-127d-d63a-2507da204d74%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228eb66705-a5fb-c9e2-5e7d-58eaad921aac%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
7a0dadde0b435ea262963c6742272087c184be834b81b2330ef115603ac373cb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
2060
X-Xss-Protection
0
getuid
ib.adnxs.com/ Frame C06A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame C06A 		170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame C06A
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=13c99a78-bebe-4449-8f9e-e6514da19c1f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=13c99a78-bebe-4449-8f9e-e6514da19c1f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
748ddb627fcc0229-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=13c99a78-bebe-4449-8f9e-e6514da19c1f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame C06A 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame C06A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D110feb97-930c-42dc-52b1-8e4b4364ecc0%26reqId%3D75b8692c-4dff-4afd-67b8-533b6ff38d2b%26zdid%3D1361&gdpr=0&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame C06A 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
27
date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 varnish
server
nginx
x-timer
S1662872607.064305,VS0,VE27
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-mxp6943-MXP
u
dmp.v.fwmrm.net/ad/ Frame C06A 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f602:82a0:df8e:67ea:6e72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:27 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame C06A 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D110feb97-930c-42dc-52b1-8e4b4364ecc0%26reqId%3D75b8692c-4dff-4afd-67b8-533b6ff38d2b%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame C06A
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=045bf2b0-a51f-4133-83b6-7282d9d2a0db&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=045bf2b0-a51f-4133-83b6-7282d9d2a0db&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
748ddb63c8ac0229-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=045bf2b0-a51f-4133-83b6-7282d9d2a0db&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame C06A
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=110feb97-930c-42dc-52b1-8e4b4364ecc0&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=110feb97-930c-42dc-52b1-8e4b4364ecc0&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=85344708055734849892380772553784847816&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=85344708055734849892380772553784847816&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
748ddb62aff00229-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v039-009c8379e.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Oe2Hpz6uQew=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=85344708055734849892380772553784847816&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame C06A 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame C06A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7141983464483322009&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7141983464483322009&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
748ddb63c8b00229-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7141983464483322009&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame C06A 		95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=110feb97-930c-42dc-52b1-8e4b4364ecc0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame C06A
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=110feb97-930c-42dc-52b1-8e4b4364ecc0&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=110feb97-930c-42dc-52b1-8e4b4364ecc0&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=D6ZwgLnuHxHtsnZs.BMFee&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4a...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=D6ZwgLnuHxHtsnZs.BMFee&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
748ddb63c8b40229-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:26 GMT
via
1.1 google
last-modified
Sun, 11 Sep 2022 05:03:27 GMT
server
Weborama Collect Frontend
location
https://mwzeom.zeotap.com/mw?webouuid=D6ZwgLnuHxHtsnZs.BMFee&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
mw
mwzeom.zeotap.com/ Frame C06A
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%...
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1...
  • https://mwzeom.zeotap.com/mw?cid=
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
748ddb64894a0229-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=
pragma
no-cache
date
Sun, 11 Sep 2022 05:03:26 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
mw
mwzeom.zeotap.com/ Frame C06A
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=110feb97-930c-42dc-52b1-8e4b4364ecc0?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=110feb97-930c-42dc-52b1-8e4b4364ecc0?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
748ddb6428fc0229-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
expires
0
cache-control
no-cache
x-server
10.45.14.65
content-length
0
x-consent
absent
mw
mwzeom.zeotap.com/ Frame C06A
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-7JRoE0BE2oqGThGRAxOTdUM_aDhOPcbrwQ--~A&zpartnerid=570&env=mWeb
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-7JRoE0BE2oqGThGRAxOTdUM_aDhOPcbrwQ--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
748ddb63c8af0229-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
http/1.1 spdc0110.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-7JRoE0BE2oqGThGRAxOTdUM_aDhOPcbrwQ--~A&zpartnerid=570&env=mWeb
content-length
0
mw
mwzeom.zeotap.com/ Frame C06A
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=mi8GSBHP8j2elPx2t68qcdZ0ZtEWYiZm%2BS41iYitP1U%3D
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=mi8GSBHP8j2elPx2t68qcdZ0ZtEWYiZm%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
748ddb63f8dc0229-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT
server
AAWebServer
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=mi8GSBHP8j2elPx2t68qcdZ0ZtEWYiZm%2BS41iYitP1U%3D
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame C06A 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=110feb97-930c-42dc-52b1-8e4b4364ecc0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame C06A 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.211.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-211-80.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1662872607
x-served-by
beacon-n020-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame C06A 		95 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=110feb97-930c-42dc-52b1-8e4b4364ecc0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
cQZGoH6Q
sync-tm.everesttech.net/ct/upi/pid/ Frame C06A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
85 B
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D110feb97-930c-42dc-52b1-8e4b4364ecc0%26reqId%3D75b8692c-4dff-4afd-67b8-533b6ff38d2b%26zdid%3D1361&_test=Yx1sHwAM9CaMEQAK
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
3016
x-served-by
cache-lcy19252-LCY
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-timer
S1662872608.595311,VS0,VE0
content-length
85
x-cache-hits
2619

Redirect headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1662872607.461248,VS0,VE82
x-served-by
cache-lcy19252-LCY
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D110feb97-930c-42dc-52b1-8e4b4364ecc0%26reqId%3D75b8692c-4dff-4afd-67b8-533b6ff38d2b%26zdid%3D1361&_test=Yx1sHwAM9CaMEQAK
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
v1
engine.widespace.com/map/ext/api/trackingcallback/ Frame C06A 		0
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-43.fra60.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
0Z4A6PNk66UVefIDDV-PJoewqfR08B8Z3nEEoxzID-IOYM0iEnBn_A==
x-cache
Miss from cloudfront
usermatch.gif
beacon.krxd.net/ Frame C06A
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=PEm0oQur&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
52.18.211.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-211-80.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
cache-control
private, no-cache, no-store
x-request-time
D=22 t=1662872607
x-served-by
beacon-n014-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
location
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
748ddb66db380229-ZRH
access-control-allow-headers
*
dcm
aax-eu.amazon-adsystem.com/s/ Frame C06A
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=110feb97-930c-42dc-52b1-8e4b4364ecc0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=110feb97-930c-42dc-52b1-8e4b4364ecc0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=110feb97-930c-42dc-52b1-8e4b4364ecc0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:27 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
6DG6DC48DY99QHZ4KZNM
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:27 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
P0JM94X5C4PXA63AY1K6
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=110feb97-930c-42dc-52b1-8e4b4364ecc0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame C06A 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=110feb97-930c-42dc-52b1-8e4b4364ecc0&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame C06A
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D110fe...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
748ddb665abd0229-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
date
Sun, 11 Sep 2022 05:03:27 GMT
cross-origin-resource-policy
cross-origin
content-length
0
token
pixel.rubiconproject.com/ Frame C06A 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/token?pid=41544&puid=110feb97-930c-42dc-52b1-8e4b4364ecc0&pt=d[&gdpr=0&gdpr_consent=]
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
getuid
ib.adnxs.com/ Frame 66A8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 66A8 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 66A8
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=13c99a78-bebe-4449-8f9e-e6514da19c1f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97...
95 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=13c99a78-bebe-4449-8f9e-e6514da19c1f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
748ddb627fcb0229-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=13c99a78-bebe-4449-8f9e-e6514da19c1f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 66A8 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 66A8 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De0ed9c6d-bac9-4253-5da8-7b99f5ee6be9%26reqId%3D8614291d-12da-4f97-581f-926cc230b1db%26zdid%3D1361&gdpr=0&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame 66A8 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
30
date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 varnish
server
nginx
x-timer
S1662872607.064292,VS0,VE30
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-mxp6943-MXP
u
dmp.v.fwmrm.net/ad/ Frame 66A8 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f602:82a0:df8e:67ea:6e72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:27 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 66A8 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De0ed9c6d-bac9-4253-5da8-7b99f5ee6be9%26reqId%3D8614291d-12da-4f97-581f-926cc230b1db%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 66A8
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=045bf2b0-a51f-4133-83b6-7282d9d2a0db&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=045bf2b0-a51f-4133-83b6-7282d9d2a0db&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
748ddb63c8ad0229-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=045bf2b0-a51f-4133-83b6-7282d9d2a0db&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 66A8
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=85344708055734849892380772553784847816&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=85344708055734849892380772553784847816&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
748ddb62aff10229-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v039-0eb93ed10.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
GFR7Rp+aSiQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=85344708055734849892380772553784847816&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 66A8 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 66A8
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7141983464482732182&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7141983464482732182&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
748ddb63c8b10229-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7141983464482732182&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame 66A8 		95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 66A8
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=D6ZwgLnuHxHtsnZs.BMFee&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=D6ZwgLnuHxHtsnZs.BMFee&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
748ddb63c8b30229-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:26 GMT
via
1.1 google
last-modified
Sun, 11 Sep 2022 05:03:27 GMT
server
Weborama Collect Frontend
location
https://mwzeom.zeotap.com/mw?webouuid=D6ZwgLnuHxHtsnZs.BMFee&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 66A8
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%...
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8...
  • https://mwzeom.zeotap.com/mw?cid=
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
748ddb64894c0229-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=
pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
mw
mwzeom.zeotap.com/ Frame 66A8
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
748ddb6428f90229-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
expires
0
cache-control
no-cache
x-server
10.45.29.176
content-length
0
x-consent
absent
mw
mwzeom.zeotap.com/ Frame 66A8
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-ILgq8IxE2oqd9wi4ikoMiF7fNocW_RxE7A--~A&zpartnerid=570&env=mWeb
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-ILgq8IxE2oqd9wi4ikoMiF7fNocW_RxE7A--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
748ddb63c8ae0229-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
http/1.1 spdc0110.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-ILgq8IxE2oqd9wi4ikoMiF7fNocW_RxE7A--~A&zpartnerid=570&env=mWeb
content-length
0
mw
mwzeom.zeotap.com/ Frame 66A8
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=MjjoqVWHhTielPx2t68qcfIR3dm8nO4l%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=MjjoqVWHhTielPx2t68qcfIR3dm8nO4l%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
748ddb63f8db0229-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT
server
AAWebServer
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=MjjoqVWHhTielPx2t68qcfIR3dm8nO4l%2BS41iYitP1U%3D
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame 66A8 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 66A8 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.211.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-211-80.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
cache-control
private, no-cache, no-store
x-request-time
D=48 t=1662872607
x-served-by
beacon-n022-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 66A8 		95 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 66A8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Yx1sHwAM9WWMEwAK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Yx1sHwAM9WWMEwAK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361&_test=Yx1sHwAM9WWMEwAK
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
748ddb665aba0229-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 varnish
server
Varnish
x-timer
S1662872608.595285,VS0,VE0
x-served-by
cache-lcy19252-LCY
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Yx1sHwAM9WWMEwAK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361&_test=Yx1sHwAM9WWMEwAK
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
v1
engine.widespace.com/map/ext/api/trackingcallback/ Frame 66A8 		0
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-43.fra60.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
xSzMQhKzArDT0E5ooVwtdJA0ZkjySgKcZlRF-SVvl_dumI-NJ_clJA==
x-cache
Miss from cloudfront
usermatch.gif
beacon.krxd.net/ Frame 66A8
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=PEm0oQur&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
52.18.211.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-211-80.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
cache-control
private, no-cache, no-store
x-request-time
D=21 t=1662872607
x-served-by
beacon-n021-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
location
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
748ddb66db390229-ZRH
access-control-allow-headers
*
dcm
aax-eu.amazon-adsystem.com/s/ Frame 66A8
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:27 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
KTK6C3BTWQ7P5VHZAFY8
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:27 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
7MPHCA2AVQXB3JNVQJ2A
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 66A8 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 66A8
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De0ed9...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
748ddb665abc0229-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
date
Sun, 11 Sep 2022 05:03:27 GMT
cross-origin-resource-policy
cross-origin
content-length
0
token
pixel.rubiconproject.com/ Frame 66A8 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/token?pid=41544&puid=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&pt=d[&gdpr=0&gdpr_consent=]
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
PugMaster
image6.pubmatic.com/AdServer/ Frame 3E89 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=32073550&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:25 GMT
content-length
0
events
bidder.criteo.com/csm/ 		0
215 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 11 Sep 2022 05:03:26 GMT
server
Finatra
vary
Origin
access-control-allow-origin
http://zdorovia.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
ev_prebid.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=2650b874216d40149f135c67cf7859db&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&device=28&rule=323CA158-54EA-47F4-83D3-BA5C22D4CCE1&requestId=80440af4-7ad9-480f-9541-b52eac58a38a&hp=1048539382&page=zdorovia.com.ua%2F&segments=2%2C494%2C4&ts=637984694063571656&ap=MA%3D%3D&asign=2129425362&sync=98%2C88%2C96%2C80%2C3%2C57&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=E4391929-8523-47EC-9B3C-357AB8574452&inst=ADS-EU-6&pxl=0&pvid=1fc12bc1-ce96-4937-b78b-7723e7569e75&ip=217.138.196.108&item=B980198E-7D27-4345-9615-F31943C77F0C&crid=B980198E-7D27-4345-9615-F31943C77F0C&size=240x400&profile=346392F6-218B-4A4F-8151-E8B46F15EB2A&isopt=0&adv=Criteo+RU&dsp=Criteo+DE&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 11 Sep 2022 05:03:27 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
events
bidder.criteo.com/csm/ 		0
215 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 11 Sep 2022 05:03:26 GMT
server
Finatra
vary
Origin
access-control-allow-origin
http://zdorovia.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
ev_prebid.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=2650b874216d40149f135c67cf7859db&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&device=28&rule=323CA158-54EA-47F4-83D3-BA5C22D4CCE1&requestId=80440af4-7ad9-480f-9541-b52eac58a38a&hp=1048539382&page=zdorovia.com.ua%2F&segments=2%2C494%2C4&ts=637984694063571656&ap=MA%3D%3D&asign=2129425362&sync=98%2C88%2C96%2C80%2C3%2C57&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=E4391929-8523-47EC-9B3C-357AB8574452&inst=ADS-EU-6&pxl=0&pvid=1fc12bc1-ce96-4937-b78b-7723e7569e75&ip=217.138.196.108&item=2AC304DB-8C70-47D9-86D2-B88FCF329D87&crid=2AC304DB-8C70-47D9-86D2-B88FCF329D87&size=300x250&profile=31B0C9C2-24E5-4F12-A50D-F039082E0855&isopt=0&adv=Criteo+RU&dsp=Criteo+DE&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 11 Sep 2022 05:03:27 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame F5E8 		164 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d3881a3c57ccf56ed993c153db0aac2c07c0cd4476b319b299d062aacafe5878
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Sun, 11 Sep 2022 05:03:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
17770818244564636657
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
57444
X-XSS-Protection
0
Expires
Sun, 11 Sep 2022 05:03:27 GMT
events
bidder.criteo.com/csm/ 		0
215 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 11 Sep 2022 05:03:26 GMT
server
Finatra
vary
Origin
access-control-allow-origin
http://zdorovia.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
ev_prebid.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=2650b874216d40149f135c67cf7859db&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&device=28&rule=323CA158-54EA-47F4-83D3-BA5C22D4CCE1&requestId=80440af4-7ad9-480f-9541-b52eac58a38a&hp=1048539382&page=zdorovia.com.ua%2F&segments=4%2C2%2C494&ts=637984694063571656&ap=MA%3D%3D&asign=2129425362&sync=98%2C88%2C96%2C80%2C3%2C57&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=E4391929-8523-47EC-9B3C-357AB8574452&inst=ADS-EU-6&pxl=0&pvid=1fc12bc1-ce96-4937-b78b-7723e7569e75&ip=217.138.196.108&item=4AFBC992-727F-4939-8CA8-A11954B7F1F7&crid=4AFBC992-727F-4939-8CA8-A11954B7F1F7&size=300x600&profile=94EE5311-0516-4D72-8091-7984FDECE4E0&isopt=0&adv=Criteo+RU&dsp=Criteo+DE&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 11 Sep 2022 05:03:27 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_view.aspx
ads.go2net.com.ua/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=2650b874216d40149f135c67cf7859db&cet=4&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&rule=8031EB30-F8BC-4C42-B0CE-47540A4C2D9E&requestId=80440af4-7ad9-480f-9541-b52eac58a38a&hp=1048539382&page=zdorovia.com.ua%2F&pvid=1fc12bc1-ce96-4937-b78b-7723e7569e75&inst=ADS-EU-6&ts=637984694063571656&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
usync.js
eus.rubiconproject.com/ Frame C5B0 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=68068
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Sun, 11 Sep 2022 23:57:55 GMT
usync.js
eus.rubiconproject.com/ Frame 2C27 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=68068
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Sun, 11 Sep 2022 23:57:55 GMT
usync.js
eus.rubiconproject.com/ Frame C13A 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=68068
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Sun, 11 Sep 2022 23:57:55 GMT
c.html
cdn.admixer.net/scripts3/49044/ Frame 7DB2 		738 B
428 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Sun, 11 Sep 2022 05:03:27 GMT
etag
W/"63049f42-2e2"
expires
Thu, 24 Aug 2023 09:38:18 GMT
last-modified
Tue, 23 Aug 2022 09:34:58 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-08-23T09:38:18+00:00
x-id
fr5-up-gc28
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/ Frame 7DAB 		345 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02567b181cb4cf10c1c1a13c3508712f613c27bd66cccf6127e6cab293c739e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124233
x-xss-protection
0
server
cafe
etag
1592125900519903390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 05:03:27 GMT
khaos.jpg
token.rubiconproject.com/ Frame C5B0 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame 2C27 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame C13A 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
media.min.js
a4p.adpartner.pro/apstc/ Frame 1DC0 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.425
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
cache-control
no-store no-transform
last-modified
Wed, 31 Aug 2022 13:16:12 GMT
server
nginx
content-encoding
br
etag
W/"630f5f1c-3ac0"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame 582B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=2&session_id=c3d58b95-d5ec-43e4-9247-1f14712497c1&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Sun, 11 Sep 2022 05:03:27 GMT
server
nginx
ls
a4p.adpartner.pro/media/ Frame 0498 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=c258bbdd-272f-4551-b560-ae15395fcb10&session_pageview=2&session_id=c3d58b95-d5ec-43e4-9247-1f14712497c1&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
f05ff75243a02f8c87543c91edcf7f1dc98aef6aadc589d26b7eb4af4f7f3e67

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 11 Sep 2022 05:03:27 GMT
server
nginx
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ Frame F1AA 		346 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31069448
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a259bb17f2355a87a3420776abcb937b1f6d0a7a749e3caa2b69929003827e26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124743
x-xss-protection
0
server
cafe
etag
14350813035354752795
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 05:03:27 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/ Frame FA99 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
40016
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 17:56:31 GMT
etag
8616628553774171045
expires
Sat, 24 Sep 2022 17:56:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
lotame20220804.html
s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/ Frame 7837 		627 B
543 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Sun, 11 Sep 2022 05:03:26 GMT
etag
W/"62ec189b-273"
expires
Fri, 10 Sep 2027 05:03:26 GMT
last-modified
Thu, 04 Aug 2022 19:06:03 GMT
server
openresty
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame BDA0 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Sun, 11 Sep 2022 05:03:26 GMT
etag
W/"601b131c-27c"
expires
Fri, 10 Sep 2027 05:03:26 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame ED26 		49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D1b32227e1595abe2%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Sun, 11 Sep 2022 05:03:27 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
AZySIRCkPk6h
x-77-nzt-ray
X+JqKnz8eOc
x-77-pop
frankfurtDE
x-accel-expires
@1663909407
x-cache
MISS
adxcm.aspx
inv-nets.admixer.net/ Frame 5689 		43 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AFw5CxjiqiN3b7ID
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 11 Sep 2022 05:03:27 GMT
Keep-Alive
timeout=25
P3p
CP="NID DSP ALL COR"
Server
nginx
X-Xss-Protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ Frame 8FF8 		346 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31069448
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b71ffe4069eb53179a0bf651608382118fdcefb1aaa3dc96869fd2be34e0ce52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124749
x-xss-protection
0
server
cafe
etag
15676552269881399031
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 05:03:27 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 2C27 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame C5B0 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=eplanning_eu
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif
media
a4p.adpartner.pro/ Frame 0498 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?id=7434&session_id=c3d58b95-d5ec-43e4-9247-1f14712497c1&session_pageview=2&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=c258bbdd-272f-4551-b560-ae15395fcb10&session_pageview=2&session_id=c3d58b95-d5ec-43e4-9247-1f14712497c1&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
920666a928ec9c6a443110fc4b4ee2332554299b5d25c0932e5d9312f13eead1

Request headers

Referer
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=c258bbdd-272f-4551-b560-ae15395fcb10&session_pageview=2&session_id=c3d58b95-d5ec-43e4-9247-1f14712497c1&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
lotame20220804.html
s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/ Frame 00EA 		627 B
543 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Sun, 11 Sep 2022 05:03:26 GMT
etag
W/"62ec189b-273"
expires
Fri, 10 Sep 2027 05:03:26 GMT
last-modified
Thu, 04 Aug 2022 19:06:03 GMT
server
openresty
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame B3B0 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Sun, 11 Sep 2022 05:03:26 GMT
etag
W/"601b131c-27c"
expires
Fri, 10 Sep 2027 05:03:26 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame F068 		49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D1b32227e1595abe2%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Sun, 11 Sep 2022 05:03:28 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
AZySIRBnZ/fB
x-77-nzt-ray
tSVVc3s2MA0
x-77-pop
frankfurtDE
x-accel-expires
@1663909408
x-cache
MISS
csync
sync.adtelligent.com/ Frame 8494 		0
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AFw5CxjiqiN3b7ID
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Sun, 11 Sep 2022 05:03:26 GMT
Etag
4fca4293ba7735cb
Server
Adtelligent
media
a4p.adpartner.pro/ Frame DCC4
Redirect Chain
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
3e2d71b70123d5668b745014d9ab2501c033020e94d773d735280ccb155f6cd8

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8

Redirect headers

Location
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
162
Content-Type
text/html
cm-notify
creativecdn.com/ 		42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creativecdn.com/cm-notify?pi=admixer
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT, Sun, 11 Sep 2022 05:03:27 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
t.adx.opera.com/ 		35 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60022&uid=2650b874216d40149f135c67cf7859db
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
32f540592c6f5d89e450bc780e487e2a.gif
cs.mobfox.com/ 		42 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=2650b874216d40149f135c67cf7859db&redir=[RED]
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.206 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
pic.gif
pa.tns-ua.com/bug/ 		56 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=2650b874216d40149f135c67cf7859db
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.13.0
content-type
image/gif
expires
-1
setuid
ib.adnxs.com/ 		43 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=533&code=2650b874216d40149f135c67cf7859db
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:27 GMT
X-Proxy-Origin
217.138.196.108; 217.138.196.108; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
5f554c33-f508-45a0-b102-c74ebaa9aa3c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.html
s.adtelligent.com/ Frame DFFF 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=707176
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=2315184812395048&cpv=de869737-05f1-835b-64de-b97fe5ca6909&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22e390456d-b65b-127d-d63a-2507da204d74%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228eb66705-a5fb-c9e2-5e7d-58eaad921aac%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5126:0:ae1f:6bff:fec1:ad72 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
0c8ad510ab9eae791f8e119b89cfbb8ebf40684d063e8daf43a3d1dc49885ae0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
http://zdorovia.com.ua
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1064
Content-Type
text/html; charset=UTF-8
Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
onetag-sys.com/usync/ Frame 266A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59d216e971852f2
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=2315184812395048&cpv=de869737-05f1-835b-64de-b97fe5ca6909&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22e390456d-b65b-127d-d63a-2507da204d74%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228eb66705-a5fb-c9e2-5e7d-58eaad921aac%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
55453de97a118ce9
ads.us.e-planning.net/uspd/1/ Frame 8DE7 		1 KB
922 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=2315184812395048&cpv=de869737-05f1-835b-64de-b97fe5ca6909&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22e390456d-b65b-127d-d63a-2507da204d74%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228eb66705-a5fb-c9e2-5e7d-58eaad921aac%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
f41258b0ccd3fad1d2d22f40e2813f3ec3aae2dbdf542c645ee6c1098f915119

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Sun, 11 Sep 2022 05:03:27 GMT
expires
Sun, 11 Sep 2022 05:03:27 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-927
ev_view.aspx
ads.go2net.com.ua/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=2650b874216d40149f135c67cf7859db&cet=4&zone=ED2476D6-DC6A-46B4-B1F9-1613392C7015&rule=8CE3A43A-8167-46D4-BBE3-364D0CBC2653&requestId=3b188b4b-6426-4888-95e8-c9be394b2b31&hp=1048539382&page=zdorovia.com.ua%2F&pvid=1fc12bc1-ce96-4937-b78b-7723e7569e75&inst=ADS-EU-6&ts=637984694072938056&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ImgSync
image8.pubmatic.com/AdServer/ 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:25 GMT
content-length
0
pixel
ap.lijit.com/ 		0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 11 Sep 2022 05:03:27 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap6ams1
access-control-allow-methods
GET, POST, DELETE, PUT
sfaf25.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/sfaf25.gif?puid=2650b874216d40149f135c67cf7859db
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
mmr445.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/mmr445.gif?gdpr=&gdpr_consent=[GDPRConsent]&us_privacy=[USPrivacy]&coppa=[COPPA]&puid=2650b874216d40149f135c67cf7859db
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
ImgSync
image8.pubmatic.com/AdServer/ 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D2650b874216d40149f135c67cf7859db
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
content-length
0
admixer-sync
rtb.com.ru/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.com.ru/admixer-sync?uid=2650b874216d40149f135c67cf7859db
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
83.222.114.189 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
nginx/1.18.0
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 7837 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 03:03:14 GMT
content-encoding
gzip
etag
W/"fdcd13007d5be3c218bd461a6aad998b"
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
age
7268
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
EUpDmWhpZpHTt15L_OBYWsB6oVsbfTnYZ9ByhvS-Gi241jYRPR4qFw==
GS.d
js.cookieless-data.com/ Frame BDA0 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1662872607411
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.116 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-116.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
integrator.js
adservice.google.co.uk/adsid/ Frame 7DAB 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 05:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7DAB 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 05:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 24A2 		57 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112158&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_34360240315586376%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D77a2724d956f31dbc21c89e7cf9c9800&wgl=1&dt=1662872607049&bpp=13&bdt=359&idt=396&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=3769811681476&frm=22&ife=1&pv=2&ga_vid=259048582.1662872607&ga_sid=1662872607&ga_hid=1353646800&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2635988689&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069177&oid=2&pvsid=1202049663548947&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.q5qnulrrvabp&fsb=1&xpc=45mM4ZmRsU&p=https%3A//file.adpartner.pro&dtd=412
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81b7eb06ab05d2651be2d618ee56dfdc42e1c6ac63e2d704502fe19e1b9af24c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
24552
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 05:03:27 GMT
expires
Sun, 11 Sep 2022 05:03:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 004B 		56 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958785&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_34360240315586376%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D77a2724d956f31dbc21c89e7cf9c9800&wgl=1&dt=1662872607068&bpp=2&bdt=377&idt=418&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=3769811681476&frm=22&ife=1&pv=1&ga_vid=259048582.1662872607&ga_sid=1662872607&ga_hid=1353646800&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2635988689&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069177&oid=2&pvsid=1202049663548947&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.13hv8b4d75bi&fsb=1&xpc=0eVxkv4WDp&p=https%3A//file.adpartner.pro&dtd=423
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4a92b5ac13a1232b9a318c87536138dbe7894e1b0bccd5c2e6aa5e3a518e9bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
24048
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 05:03:27 GMT
expires
Sun, 11 Sep 2022 05:03:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 00EA 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 03:03:14 GMT
content-encoding
gzip
etag
W/"fdcd13007d5be3c218bd461a6aad998b"
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
age
7268
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
SSMX07Sm03AH-HGQCTYCUcb_OVzjB-guReNZ5LW97bvLbYV51Rerrw==
GS.d
js.cookieless-data.com/ Frame B3B0 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1662872607494
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.116 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-116.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame F1AA 		219 B
462 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=zdorovia.com.ua&callback=_gfp_s_&client=ca-pub-4577254435597104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31069448
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
9af12d8880e531766747a4a7c42c4c7ca1912e3a5e8e425bdbf6572183d27056
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame F1AA 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31069448
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 05:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F1AA 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31069448
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 05:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 30D1 		86 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1662872607&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607219&bpp=3&bdt=563&idt=283&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=2&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=389783505&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31069448&oid=2&pvsid=3398602431255708&tmod=422649564&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.iit81nfu3o5i&fsb=1&dtd=296
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31069448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d194c854d4dfc27fabf9977f2afd7f6c5e5795b84f8ac6d5939f54953586198
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
31591
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 05:03:27 GMT
expires
Sun, 11 Sep 2022 05:03:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame F1AA 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220907&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31069448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
150bc463a8a133c057be571edf74b40d6192117692f1110e01c12eed0c31cf3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 05:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11189
x-xss-protection
0
ptag
a.audrte.com/ Frame 8DE7 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
d08e45615e5ae0ee4a03831259ce7a93d30fb6cfb1898c360e9201887c7d1618

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1684
um
u-ams03.e-planning.net/ Frame 8DE7
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D13ed070d5111ba56%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=13ed070d5111ba56&uid=7860071964432485354
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=13ed070d5111ba56&uid=7860071964432485354
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:27 GMT
X-Proxy-Origin
217.138.196.108; 217.138.196.108; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
d24a09ea-061e-4012-ad2f-3ff7c6f38224
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=13ed070d5111ba56&uid=7860071964432485354
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dtscout20220831.js
s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/ Frame 8DE7 		478 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/dtscout20220831.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:26 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 19:37:37 GMT
server
openresty
etag
W/"630fb881-1de"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Fri, 10 Sep 2027 05:03:26 GMT
/
onetag-sys.com/usync/ Frame EA0E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
ads.us.e-planning.net/uspd/1/ Frame 0A5D 		1 KB
895 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
63efbbe81f8cb58574831c943d5950d3e3cc2d0e0d9e620b9aab785bf51fb70c

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Sun, 11 Sep 2022 05:03:27 GMT
expires
Sun, 11 Sep 2022 05:03:27 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-927
d
ic.tynt.com/r/ Frame 3E31 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Sun, 11 Sep 2022 05:03:27 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
sync.html
s.adtelligent.com/ Frame 104A 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5126:0:ae1f:6bff:fec1:ad72 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
9c79af78cb324a3ca6c879d38313c4eb4025972decd05170d88f4b486f43acef

Request headers

Referer
https://s.adtelligent.com/sync.html?aid=707176
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
783
Content-Type
text/html; charset=UTF-8
Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
Adtelligent
X-Robots-Tag
noindex
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3ACD 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=83437
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 11 Sep 2022 05:03:27 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 12 Sep 2022 04:14:04 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame DFFF
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6337032657
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6337032657
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT
etag
RXcdba02dfa3454f66852acc58af7717f9003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6337032657
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
expires
0
sync.html
s.console.adtarget.com.tr/ Frame E18E 		1 KB
1004 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5149:0:c634:6bff:fefd:5008 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
699
Content-Type
text/html; charset=UTF-8
Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
Adtelligent
X-Robots-Tag
noindex
pixel
ap.lijit.com/ Frame DFFF 		0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 11 Sep 2022 05:03:27 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap6ams1
access-control-allow-methods
GET, POST, DELETE, PUT
sync
vid.vidoomy.com/ Frame DFFF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
csync
sync.adtelligent.com/ Frame DFFF
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=2650b874216d40149f135c67cf7859db
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=2650b874216d40149f135c67cf7859db
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Server
Adtelligent
Etag
4fca4293ba7735cb
Content-Length
0

Redirect headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=2650b874216d40149f135c67cf7859db
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/ Frame F5E8 		345 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31069447
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0c04d195fd699a26fc645b83f4a24a7077c466fe91b92b60203811100de6454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124393
x-xss-protection
0
server
cafe
etag
12490624682511053161
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 05:03:27 GMT
usync.html
eus.rubiconproject.com/ Frame 3B04
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 11 Sep 2022 05:03:27 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 11 Sep 2022 05:03:27 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 1AA0 		1 KB
987 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Sun, 11 Sep 2022 05:03:27 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 22 Aug 2027 12:50:43 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
28.034
x-cf-tsc
1661259044
x-cf1
29080:dC.waw1:co:1585621119:cacheN.waw1-01:D
x-cf2
H
x-cf3
M
x-cff
B
/
onetag-sys.com/usync/ Frame E448 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 517C 		322 B
682 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
844ed406476ec12c22d6f85fe09b7eaadd84f4bc7b29519b42ae75cbee0015cd

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
748ddb657a280229-ZRH
content-encoding
br
content-type
text/html
date
Sun, 11 Sep 2022 05:03:27 GMT
server
cloudflare
vary
Origin
via
1.1 google
zdorovia.com.ua_970x250_ruslan1.html
file.adpartner.pro/2085/2085828/ Frame 34C5 		668 B
585 B 		Document
General
Check archive.org
Download Go to
Full URL
https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2Fef92dcff-d21e-41da-b1cb-139f39f972fc%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA3LCJzaG93X2lkIjoiZWY5MmRjZmYtZDIxZS00MWRhLWIxY2ItMTM5ZjM5Zjk3MmZjIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Dd29386fba55598080f523e0953544562&showId=ef92dcff-d21e-41da-b1cb-139f39f972fc&apuid=c258bbdd-272f-4551-b560-ae15395fcb10
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.425
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
4803ca05bf5d01dbd812e758881dc7cae6344da06c0fd9d19d42a341409a61e6

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Sun, 11 Sep 2022 05:03:27 GMT
etag
W/"62947e8b-29c"
last-modified
Mon, 30 May 2022 08:21:31 GMT
server
nginx
ptag
a.audrte.com/ Frame 0A5D 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
d08e45615e5ae0ee4a03831259ce7a93d30fb6cfb1898c360e9201887c7d1618

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1684
um
u-ams03.e-planning.net/ Frame 0A5D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D13ed070d5111ba56%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=13ed070d5111ba56&uid=7860071964432485354
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=13ed070d5111ba56&uid=7860071964432485354
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:27 GMT
X-Proxy-Origin
217.138.196.108; 217.138.196.108; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
19ea90c1-4fc8-4006-bff7-4625dc61195c
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=13ed070d5111ba56&uid=7860071964432485354
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dtscout20220831.js
s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/ Frame 0A5D 		478 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/dtscout20220831.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:26 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 19:37:37 GMT
server
openresty
etag
W/"630fb881-1de"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Fri, 10 Sep 2027 05:03:26 GMT
logcz.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/logcz.aspx?zone=211243eb-11ba-464c-a0c6-ba847f55b0ad
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 11 Sep 2022 05:03:27 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=93ae9d99-966b-415b-9964-9dc2489da01f
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 11 Sep 2022 05:03:27 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ping
pagead2.googlesyndication.com/pagead/ Frame F5E8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=cdadfe55-ba49-47d5-9918-cc04aa357b98
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 11 Sep 2022 05:03:27 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=2650b874216d40149f135c67cf7859db&cet=9&zone=CDADFE55-BA49-47D5-9918-CC04AA357B98&rule=F7CAC5CE-3E5F-4671-95C3-F259A87AC033&requestId=d53fc6a4-3fca-417d-a7ba-1d34b3479f15&hp=1048539382&page=zdorovia.com.ua%2F&pvid=d4767cec-43a9-435e-be5b-9f6d1035bd4c&inst=ADS-EU-6&ts=637984694063393548&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=2650b874216d40149f135c67cf7859db&cet=9&zone=2D179F8A-367F-49ED-9A1F-D77DEB57F009&rule=D1C84BF2-B360-43A6-B9BA-D08AD0CF3C93&requestId=291e2e41-dad9-491a-80b7-b576251b1999&hp=1048539382&page=zdorovia.com.ua%2F&pvid=d4767cec-43a9-435e-be5b-9f6d1035bd4c&inst=ADS-EU-6&ts=637984694063393548&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=2d179f8a-367f-49ed-9a1f-d77deb57f009
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 11 Sep 2022 05:03:27 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
logcz.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/logcz.aspx?zone=ed2476d6-dc6a-46b4-b1f9-1613392c7015
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 11 Sep 2022 05:03:27 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
if
a4p.adpartner.pro/tracker/ Frame 77D5 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522c258bbdd-272f-4551-b560-ae15395fcb10%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522ef92dcff-d21e-41da-b1cb-139f39f972fc%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522ef92dcff-d21e-41da-b1cb-139f39f972fc%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sun, 11 Sep 2022 05:03:27 GMT
expires
0
pragma
no-cache
server
nginx
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F1AA 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31069448
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 11 Sep 2022 05:03:27 GMT
if
a4p.adpartner.pro/tracker/ Frame 495B 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522c258bbdd-272f-4551-b560-ae15395fcb10%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522ef92dcff-d21e-41da-b1cb-139f39f972fc%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522ef92dcff-d21e-41da-b1cb-139f39f972fc%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sun, 11 Sep 2022 05:03:27 GMT
expires
0
pragma
no-cache
server
nginx
media.min.js
a4p.adpartner.pro/apstc/ Frame DCC4 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.425
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
cache-control
no-store no-transform
last-modified
Wed, 31 Aug 2022 13:16:12 GMT
server
nginx
content-encoding
br
etag
W/"630f5f1c-3ac0"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame 272B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=3&session_id=c3d58b95-d5ec-43e4-9247-1f14712497c1&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Sun, 11 Sep 2022 05:03:28 GMT
server
nginx
ls
a4p.adpartner.pro/media/ Frame BA0D 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=c258bbdd-272f-4551-b560-ae15395fcb10&session_pageview=3&session_id=c3d58b95-d5ec-43e4-9247-1f14712497c1&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
a538b491a7f92a4c7c5b1b4c3fd1a89ddefd5001323810acba38b6748530258c

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 11 Sep 2022 05:03:27 GMT
server
nginx
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D5E3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=83437
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 11 Sep 2022 05:03:27 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 12 Sep 2022 04:14:04 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 8DB8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 11 Sep 2022 05:03:27 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 11 Sep 2022 05:03:27 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184-d
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 919B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame 104A 		43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:26 GMT
Server
Adtelligent
Etag
4fca4293ba7735cb
Content-Length
43
Content-Type
image/gif
usync.html
eus.rubiconproject.com/ Frame 33E2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 11 Sep 2022 05:03:27 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 11 Sep 2022 05:03:27 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 9FC9 		1 KB
987 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Sun, 11 Sep 2022 05:03:27 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 22 Aug 2027 12:50:43 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
28.034
x-cf-tsc
1661259044
x-cf1
29080:dC.waw1:co:1585621119:cacheN.waw1-01:D
x-cf2
H
x-cf3
M
x-cff
B
/
onetag-sys.com/usync/ Frame 666B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame F6B3 		322 B
670 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9785864a41aae226145084033506c55f74752107531c101eab0e4004bc59d933

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
748ddb66aaf00229-ZRH
content-encoding
br
content-type
text/html
date
Sun, 11 Sep 2022 05:03:27 GMT
server
cloudflare
vary
Origin
via
1.1 google
mw
mwzeom.zeotap.com/ Frame 517C
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De0ed9...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=c3f072f0-19fc-476b-7382-93d60731933e&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=c3f072f0-19fc-476b-7382-93d60731933e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
748ddb673b960229-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=c3f072f0-19fc-476b-7382-93d60731933e&zdid=1361
date
Sun, 11 Sep 2022 05:03:27 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cookie.js
partner.googleadservices.com/gampad/ Frame 8FF8 		219 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=zdorovia.com.ua&callback=_gfp_s_&client=ca-pub-4577254435597104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31069448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
b6135e708f97fb583744321787055efe0a7d81e8d86b34361dbc96a001002d56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame 8FF8 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31069448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 05:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8FF8 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31069448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 05:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5951 		77 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1662872607&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1662872607322&bpp=4&bdt=658&idt=447&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1922290337&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44760912%2C31069448&oid=2&pvsid=3400003674732753&tmod=325605661&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.k3tvbm3lw67v&fsb=1&dtd=462
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31069448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16a9e49143c8c7f5f32986762dfba07316016a388b9181227adaa60ae0753d2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
31803
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 05:03:28 GMT
expires
Sun, 11 Sep 2022 05:03:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8FF8 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220907&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31069448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f5163d30aa00a299f8015051d075e855c5d4396ee79d1c254199d44848049b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 05:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11216
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 3B04 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=68068
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Sun, 11 Sep 2022 23:57:55 GMT
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 7837 		155 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://s.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 10 Sep 2022 06:27:23 GMT
via
1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
age
81378
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
kPHAvJigaU3Nh8zOH7Rw-tR83YvSAtGaw5j4RwhyuHnJC5mEXArr-g==
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 00EA 		155 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://s.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 10 Sep 2022 06:27:23 GMT
via
1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
age
81378
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
n7m-d1iPiE3ZsH9pI_Kge9cEpkIKoAwYL91ngapQVLqyLWXPiQNcZg==
lotame20220804.html
s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/ Frame 4E60 		627 B
543 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Sun, 11 Sep 2022 05:03:27 GMT
etag
W/"62ec189b-273"
expires
Fri, 10 Sep 2027 05:03:27 GMT
last-modified
Thu, 04 Aug 2022 19:06:03 GMT
server
openresty
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 229B 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Sun, 11 Sep 2022 05:03:27 GMT
etag
W/"601b131c-27c"
expires
Fri, 10 Sep 2027 05:03:27 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame 80EA 		49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D13ed070d5111ba56%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Sun, 11 Sep 2022 05:03:27 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
AZySIRA7PByh
x-77-nzt-ray
gcDred4dfxY
x-77-pop
frankfurtDE
x-accel-expires
@1663909407
x-cache
MISS
adxcm.aspx
inv-nets.admixer.net/ Frame 0D24 		43 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AFw5CxjiqiN3b7ID
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 11 Sep 2022 05:03:27 GMT
Keep-Alive
timeout=25
P3p
CP="NID DSP ALL COR"
Server
nginx
X-Xss-Protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 34C5 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2Fef92dcff-d21e-41da-b1cb-139f39f972fc%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA3LCJzaG93X2lkIjoiZWY5MmRjZmYtZDIxZS00MWRhLWIxY2ItMTM5ZjM5Zjk3MmZjIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Dd29386fba55598080f523e0953544562&showId=ef92dcff-d21e-41da-b1cb-139f39f972fc&apuid=c258bbdd-272f-4551-b560-ae15395fcb10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
60c2b41c1e97a9d450caf5b032f569824a1fe387f5c7c2e1767a66da812b51ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40135
x-xss-protection
0
server
cafe
etag
285060499119109949
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 05:03:27 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame F5E8 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=zdorovia.com.ua&callback=_gfp_s_&client=ca-pub-4577254435597104&cookie=ID%3D751e6751d6873f80-22b6aa111cce0065%3AT%3D1662872607%3ART%3D1662872607%3AS%3DALNI_MaOImMqUWnZ-jCm41xmAMghjPL3Vg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31069447
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame F5E8 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31069447
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 05:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F5E8 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31069447
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 05:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3EBD 		18 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1662872607&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607550&bpp=3&bdt=579&idt=290&shv=r20220907&mjsv=m202209070101&ptt=9&saldr=aa&cookie=ID%3D751e6751d6873f80-22b6aa111cce0065%3AT%3D1662872607%3ART%3D1662872607%3AS%3DALNI_MaOImMqUWnZ-jCm41xmAMghjPL3Vg&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1498404390&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=919&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069447%2C44770880%2C44771548%2C44773261&oid=2&pvsid=574968481285100&tmod=2012896911&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.k8h437cfmvxd&fsb=1&dtd=302
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31069447
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4703347652c3f1dc8ec0b79eed581b9ed4141a9c98592e0c06d1848eb15d7f62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10273
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 05:03:28 GMT
expires
Sun, 11 Sep 2022 05:03:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame F5E8 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220907&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31069447
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8717384e9e6bb922463148079ef58c0e166f468b43856a263b55a6820d88f872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 05:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11052
x-xss-protection
0
7356694244406545271
tpc.googlesyndication.com/simgad/ Frame 004B 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7356694244406545271?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkc6-h_5-oWO8N07eyAJxCe0RcjxA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958785&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_34360240315586376%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D77a2724d956f31dbc21c89e7cf9c9800&wgl=1&dt=1662872607068&bpp=2&bdt=377&idt=418&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=3769811681476&frm=22&ife=1&pv=1&ga_vid=259048582.1662872607&ga_sid=1662872607&ga_hid=1353646800&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2635988689&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069177&oid=2&pvsid=1202049663548947&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.13hv8b4d75bi&fsb=1&xpc=0eVxkv4WDp&p=https%3A//file.adpartner.pro&dtd=423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6f92669a837f44b873629979610dcdc6218ca64f967521d4a56cb4aadf686c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 06:38:30 GMT
x-content-type-options
nosniff
age
599097
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43616
x-xss-protection
0
last-modified
Mon, 02 Dec 2019 15:14:39 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 04 Sep 2023 06:38:30 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 004B 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958785&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_34360240315586376%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D77a2724d956f31dbc21c89e7cf9c9800&wgl=1&dt=1662872607068&bpp=2&bdt=377&idt=418&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=3769811681476&frm=22&ife=1&pv=1&ga_vid=259048582.1662872607&ga_sid=1662872607&ga_hid=1353646800&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2635988689&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069177&oid=2&pvsid=1202049663548947&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.13hv8b4d75bi&fsb=1&xpc=0eVxkv4WDp&p=https%3A//file.adpartner.pro&dtd=423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 04:44:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1143
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
15013890920676311251
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Sep 2022 04:44:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 004B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958785&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_34360240315586376%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D77a2724d956f31dbc21c89e7cf9c9800&wgl=1&dt=1662872607068&bpp=2&bdt=377&idt=418&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=3769811681476&frm=22&ife=1&pv=1&ga_vid=259048582.1662872607&ga_sid=1662872607&ga_hid=1353646800&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2635988689&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069177&oid=2&pvsid=1202049663548947&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.13hv8b4d75bi&fsb=1&xpc=0eVxkv4WDp&p=https%3A//file.adpartner.pro&dtd=423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 04:55:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
476
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Sep 2022 04:55:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 004B 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958785&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_34360240315586376%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D77a2724d956f31dbc21c89e7cf9c9800&wgl=1&dt=1662872607068&bpp=2&bdt=377&idt=418&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=3769811681476&frm=22&ife=1&pv=1&ga_vid=259048582.1662872607&ga_sid=1662872607&ga_hid=1353646800&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2635988689&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069177&oid=2&pvsid=1202049663548947&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.13hv8b4d75bi&fsb=1&xpc=0eVxkv4WDp&p=https%3A//file.adpartner.pro&dtd=423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 04:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1148
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Sep 2022 04:44:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 004B 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958785&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_34360240315586376%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D77a2724d956f31dbc21c89e7cf9c9800&wgl=1&dt=1662872607068&bpp=2&bdt=377&idt=418&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=3769811681476&frm=22&ife=1&pv=1&ga_vid=259048582.1662872607&ga_sid=1662872607&ga_hid=1353646800&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2635988689&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069177&oid=2&pvsid=1202049663548947&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.13hv8b4d75bi&fsb=1&xpc=0eVxkv4WDp&p=https%3A//file.adpartner.pro&dtd=423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 11 Sep 2022 05:03:28 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 004B 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958785&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_34360240315586376%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D77a2724d956f31dbc21c89e7cf9c9800&wgl=1&dt=1662872607068&bpp=2&bdt=377&idt=418&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=3769811681476&frm=22&ife=1&pv=1&ga_vid=259048582.1662872607&ga_sid=1662872607&ga_hid=1353646800&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2635988689&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069177&oid=2&pvsid=1202049663548947&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.13hv8b4d75bi&fsb=1&xpc=0eVxkv4WDp&p=https%3A//file.adpartner.pro&dtd=423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e444f2d6ab82742be31853a29d3ddbf08f8189469ba254004ede7288d063b141
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 21:00:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28988
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13501
x-xss-protection
0
server
cafe
etag
2740535871346252481
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 21:00:20 GMT
11955994850918739613
tpc.googlesyndication.com/daca_images/simgad/ Frame 24A2 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/11955994850918739613
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112158&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_34360240315586376%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D77a2724d956f31dbc21c89e7cf9c9800&wgl=1&dt=1662872607049&bpp=13&bdt=359&idt=396&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=3769811681476&frm=22&ife=1&pv=2&ga_vid=259048582.1662872607&ga_sid=1662872607&ga_hid=1353646800&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2635988689&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069177&oid=2&pvsid=1202049663548947&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.q5qnulrrvabp&fsb=1&xpc=45mM4ZmRsU&p=https%3A//file.adpartner.pro&dtd=412
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f582a51e5a6cee62ddf9c8d2c66cef0b58ce4c7bd7b526b5cf4b4e0670ac44d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 05:55:26 GMT
x-content-type-options
nosniff
age
428881
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77751
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 10:09:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 06 Sep 2023 05:55:26 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 24A2 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112158&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_34360240315586376%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D77a2724d956f31dbc21c89e7cf9c9800&wgl=1&dt=1662872607049&bpp=13&bdt=359&idt=396&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=3769811681476&frm=22&ife=1&pv=2&ga_vid=259048582.1662872607&ga_sid=1662872607&ga_hid=1353646800&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2635988689&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069177&oid=2&pvsid=1202049663548947&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.q5qnulrrvabp&fsb=1&xpc=45mM4ZmRsU&p=https%3A//file.adpartner.pro&dtd=412
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 04:44:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1143
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
15013890920676311251
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Sep 2022 04:44:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 24A2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112158&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_34360240315586376%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D77a2724d956f31dbc21c89e7cf9c9800&wgl=1&dt=1662872607049&bpp=13&bdt=359&idt=396&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=3769811681476&frm=22&ife=1&pv=2&ga_vid=259048582.1662872607&ga_sid=1662872607&ga_hid=1353646800&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2635988689&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069177&oid=2&pvsid=1202049663548947&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.q5qnulrrvabp&fsb=1&xpc=45mM4ZmRsU&p=https%3A//file.adpartner.pro&dtd=412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 04:55:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
476
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Sep 2022 04:55:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 24A2 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112158&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_34360240315586376%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D77a2724d956f31dbc21c89e7cf9c9800&wgl=1&dt=1662872607049&bpp=13&bdt=359&idt=396&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=3769811681476&frm=22&ife=1&pv=2&ga_vid=259048582.1662872607&ga_sid=1662872607&ga_hid=1353646800&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2635988689&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069177&oid=2&pvsid=1202049663548947&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.q5qnulrrvabp&fsb=1&xpc=45mM4ZmRsU&p=https%3A//file.adpartner.pro&dtd=412
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 11 Sep 2022 05:03:28 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 24A2 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112158&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_34360240315586376%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D77a2724d956f31dbc21c89e7cf9c9800&wgl=1&dt=1662872607049&bpp=13&bdt=359&idt=396&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=3769811681476&frm=22&ife=1&pv=2&ga_vid=259048582.1662872607&ga_sid=1662872607&ga_hid=1353646800&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2635988689&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069177&oid=2&pvsid=1202049663548947&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.q5qnulrrvabp&fsb=1&xpc=45mM4ZmRsU&p=https%3A//file.adpartner.pro&dtd=412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 04:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Sep 2022 04:44:19 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 24A2 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112158&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_34360240315586376%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D77a2724d956f31dbc21c89e7cf9c9800&wgl=1&dt=1662872607049&bpp=13&bdt=359&idt=396&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=3769811681476&frm=22&ife=1&pv=2&ga_vid=259048582.1662872607&ga_sid=1662872607&ga_hid=1353646800&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2635988689&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069177&oid=2&pvsid=1202049663548947&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.q5qnulrrvabp&fsb=1&xpc=45mM4ZmRsU&p=https%3A//file.adpartner.pro&dtd=412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e444f2d6ab82742be31853a29d3ddbf08f8189469ba254004ede7288d063b141
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 21:00:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28988
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13501
x-xss-protection
0
server
cafe
etag
2740535871346252481
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 21:00:20 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8FF8 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31069448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 11 Sep 2022 05:03:28 GMT
css
fonts.googleapis.com/ Frame 30D1 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1662872607&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607219&bpp=3&bdt=563&idt=283&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=2&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=389783505&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31069448&oid=2&pvsid=3398602431255708&tmod=422649564&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.iit81nfu3o5i&fsb=1&dtd=296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 11 Sep 2022 03:22:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 11 Sep 2022 05:03:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 11 Sep 2022 05:03:28 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 30D1 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1662872607&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607219&bpp=3&bdt=563&idt=283&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=2&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=389783505&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31069448&oid=2&pvsid=3398602431255708&tmod=422649564&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.iit81nfu3o5i&fsb=1&dtd=296
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 04:13:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2981
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Sep 2022 04:13:47 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 30D1 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1662872607&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607219&bpp=3&bdt=563&idt=283&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=2&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=389783505&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31069448&oid=2&pvsid=3398602431255708&tmod=422649564&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.iit81nfu3o5i&fsb=1&dtd=296
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 04:44:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1144
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
15013890920676311251
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Sep 2022 04:44:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 30D1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1662872607&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607219&bpp=3&bdt=563&idt=283&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=2&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=389783505&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31069448&oid=2&pvsid=3398602431255708&tmod=422649564&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.iit81nfu3o5i&fsb=1&dtd=296
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 04:55:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
476
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Sep 2022 04:55:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 30D1 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1662872607&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607219&bpp=3&bdt=563&idt=283&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=2&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=389783505&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31069448&oid=2&pvsid=3398602431255708&tmod=422649564&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.iit81nfu3o5i&fsb=1&dtd=296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 11 Sep 2022 05:03:28 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 30D1 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1662872607&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607219&bpp=3&bdt=563&idt=283&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=2&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=389783505&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31069448&oid=2&pvsid=3398602431255708&tmod=422649564&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.iit81nfu3o5i&fsb=1&dtd=296
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 04:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Sep 2022 04:44:19 GMT
8e474446b56ed6ef0feeec2d987f1a60.js
www.gstatic.com/mysidia/ Frame 30D1 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8e474446b56ed6ef0feeec2d987f1a60.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1662872607&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607219&bpp=3&bdt=563&idt=283&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=2&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=389783505&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31069448&oid=2&pvsid=3398602431255708&tmod=422649564&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.iit81nfu3o5i&fsb=1&dtd=296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c84c1026e0a4c60ec0ee85c8b41c1904144aa63184260c95840924b42bd32d33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 01:10:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
273177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13628
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 00:50:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 07 Dec 2022 01:10:31 GMT
mw
mwzeom.zeotap.com/ Frame F6B3
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De0ed9...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=cee5bd10-82e2-433c-7b40-4b96c6146ccf&zdid=1361
95 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=cee5bd10-82e2-433c-7b40-4b96c6146ccf&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
748ddb682c5a0229-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=cee5bd10-82e2-433c-7b40-4b96c6146ccf&zdid=1361
date
Sun, 11 Sep 2022 05:03:27 GMT
cross-origin-resource-policy
cross-origin
content-length
0
khaos.jpg
token.rubiconproject.com/ Frame 3B04 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
usync.js
eus.rubiconproject.com/ Frame 33E2 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=68068
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Sun, 11 Sep 2022 23:57:55 GMT
usync.js
eus.rubiconproject.com/ Frame 8DB8 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=68068
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Sun, 11 Sep 2022 23:57:55 GMT
data
bcp.crwdcntrl.net/6/ Frame 7837 		20 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.127.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://s.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://s.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.27.249
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
data
bcp.crwdcntrl.net/6/ Frame 00EA 		20 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.127.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://s.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:27 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://s.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.21.49
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
media
a4p.adpartner.pro/ Frame BA0D 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?id=7434&session_id=c3d58b95-d5ec-43e4-9247-1f14712497c1&session_pageview=3&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=c258bbdd-272f-4551-b560-ae15395fcb10&session_pageview=3&session_id=c3d58b95-d5ec-43e4-9247-1f14712497c1&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
548d1d690aa414adb60bbf56bfd077d75da4a63d15210cf93344a3ed04ddfd84

Request headers

Referer
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=c258bbdd-272f-4551-b560-ae15395fcb10&session_pageview=3&session_id=c3d58b95-d5ec-43e4-9247-1f14712497c1&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Sun, 11 Sep 2022 05:03:27 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
lotame20220804.html
s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/ Frame 2700 		627 B
543 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Sun, 11 Sep 2022 05:03:27 GMT
etag
W/"62ec189b-273"
expires
Fri, 10 Sep 2027 05:03:27 GMT
last-modified
Thu, 04 Aug 2022 19:06:03 GMT
server
openresty
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame D8ED 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Sun, 11 Sep 2022 05:03:27 GMT
etag
W/"601b131c-27c"
expires
Fri, 10 Sep 2027 05:03:27 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame 8CF0 		49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D13ed070d5111ba56%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Sun, 11 Sep 2022 05:03:27 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
AZySIRBksdbB
x-77-nzt-ray
NAupHaJp8Bw
x-77-pop
frankfurtDE
x-accel-expires
@1663909407
x-cache
MISS
/
e.dtscout.com/801/ Frame 0A5D 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e.dtscout.com/801/?v=1&pid=8017&site=1&l=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&j=https%3A%2F%2Fs.adtelligent.com%2F
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/dtscout20220831.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.139.225 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip225.ip-158-69-139.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
f5b6a6a13c2c781dceb0e23aa22f936b284b52b95ef6738b26b6eba31f0a8acc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:28 GMT
Cache-Control
no-cache
Server
nginx/1.10.3 (Ubuntu)
Connection
close
Content-Type
application/javascript
Transfer-Encoding
chunked
Expires
Sun, 11 Sep 2022 05:03:27 GMT
csync
sync.adtelligent.com/ Frame 8873 		0
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AFw5CxjiqiN3b7ID
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Sun, 11 Sep 2022 05:03:27 GMT
Etag
4fca4293ba7735cb
Server
Adtelligent
adview
googleads.g.doubleclick.net/pagead/ Frame 30D1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CEu2CH2wdY8LMI4Hn3gO4-4nAAtL_3apsptP6278O6ZXSoMoiEAEgrOT2CGC7hoCA0AqgAfKRvMIDyAEJqQLkGoonXXGzPqgDAcgDywSqBMEBT9BLWrSjO5SZwi3pqqoEkzl0w-8lz-IUFDWerZv1crZzKxKkAIzbjxRUINSRxAU5WrRKOBigvekS9Gw-wjiFgxd361mIiHulijhFzKNCVf5NEJYKfem574VKHvZ6GIj4f2-VtJIT7V-4LCGIacMmBY-GskfMETQwsC47YoUCxfGfxE2v17RGCCCHwwy2WSqQCS3-BIXMJ_v1CMo6C53LHAgohY59by887ucz4RKQ51nZxLUYeVtnoxE6S28Qu5ITTsAEpOmN3s0DkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_btwz2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCVuyTSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwyIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNDU3NzI1NDQzNTU5NzEwNBgA&sigh=Shc-lzIckAQ&uach_m=[UACH]&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1662872607&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607219&bpp=3&bdt=563&idt=283&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=2&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=389783505&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31069448&oid=2&pvsid=3398602431255708&tmod=422649564&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.iit81nfu3o5i&fsb=1&dtd=296
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1662872607&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607219&bpp=3&bdt=563&idt=283&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=2&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=389783505&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31069448&oid=2&pvsid=3398602431255708&tmod=422649564&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.iit81nfu3o5i&fsb=1&dtd=296
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 11 Sep 2022 05:03:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 11 Sep 2022 05:03:28 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 4E60 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 03:03:14 GMT
content-encoding
gzip
etag
W/"fdcd13007d5be3c218bd461a6aad998b"
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
age
7268
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
1CkPBZukoUoYDjvZGvl9SliWHXEbLWiVPEBQ5llxguCKrr3N4DxgMA==
GS.d
js.cookieless-data.com/ Frame 229B 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1662872607963
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.116 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-116.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F5E8 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31069447
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 11 Sep 2022 05:03:28 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/8794135161475693715/ Frame 30D1 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8794135161475693715/6592766407814317453
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1662872607&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607219&bpp=3&bdt=563&idt=283&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=2&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=389783505&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31069448&oid=2&pvsid=3398602431255708&tmod=422649564&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.iit81nfu3o5i&fsb=1&dtd=296
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bb6d2ec712b50aafdda63ad4bb0d0ce8e895a8c43699674eb66013a0b8d719a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 04:26:41 GMT
x-content-type-options
nosniff
age
2207
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44901
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 11:49:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 11 Sep 2023 04:26:41 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/6222864410014395873/ Frame 30D1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6222864410014395873/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1662872607&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607219&bpp=3&bdt=563&idt=283&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=2&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=389783505&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31069448&oid=2&pvsid=3398602431255708&tmod=422649564&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.iit81nfu3o5i&fsb=1&dtd=296
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bac8d5ac143399f5bce1f6bf0aa3964d058834e348e6f6e1e8a0bd673e3e0bd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 04:18:50 GMT
x-content-type-options
nosniff
age
2678
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1561
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 11:48:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 11 Sep 2023 04:18:50 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/ Frame 34C5 		345 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31069447
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e804997a1a22e8e896aec28860e1736d6eeb2bd1e82070dbdcf49e12ac88339c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124393
x-xss-protection
0
server
cafe
etag
7713650227000634515
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 05:03:28 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 3814 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958785&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_34360240315586376%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D77a2724d956f31dbc21c89e7cf9c9800&wgl=1&dt=1662872607068&bpp=2&bdt=377&idt=418&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=3769811681476&frm=22&ife=1&pv=1&ga_vid=259048582.1662872607&ga_sid=1662872607&ga_hid=1353646800&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2635988689&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069177&oid=2&pvsid=1202049663548947&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.13hv8b4d75bi&fsb=1&xpc=0eVxkv4WDp&p=https%3A//file.adpartner.pro&dtd=423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958785&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_34360240315586376%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D77a2724d956f31dbc21c89e7cf9c9800&wgl=1&dt=1662872607068&bpp=2&bdt=377&idt=418&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=3769811681476&frm=22&ife=1&pv=1&ga_vid=259048582.1662872607&ga_sid=1662872607&ga_hid=1353646800&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2635988689&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069177&oid=2&pvsid=1202049663548947&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.13hv8b4d75bi&fsb=1&xpc=0eVxkv4WDp&p=https%3A//file.adpartner.pro&dtd=423
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
1447
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sun, 11 Sep 2022 04:39:21 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
ev_view.aspx
ads.go2net.com.ua/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=2650b874216d40149f135c67cf7859db&cet=9&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&rule=8031EB30-F8BC-4C42-B0CE-47540A4C2D9E&requestId=80440af4-7ad9-480f-9541-b52eac58a38a&hp=1048539382&page=zdorovia.com.ua%2F&pvid=1fc12bc1-ce96-4937-b78b-7723e7569e75&inst=ADS-EU-6&ts=637984694063571656&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:28 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ptrack
a.audrte.com/ Frame A422 		368 B
881 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=217.138.196.108&p=M1353665098&artime=2022-09-11T05:03:28.005Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMS81NTQ1M2RlOTdhMTE4Y2U5P2N0PTEmcnVpbWQ9MSZkdT1odHRwcyUzQSUyRiUyRmludi1uZXRzLmFkbWl4ZXIubmV0JTJGYWR4Y20uYXNweCUzRnNzcCUzREQ1NkRDMDlELUMzOUMtNEJENi1CRDczLTAzQ0FCNERBOUM1MCUyNmlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=emRvcm92aWEuY29tLnVhLw==
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
cbd7a0d6e58be879a1b79769baf5809dd9fc0d7c6bcaf2963f50d3430dee6675

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:28 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
s
googleads.g.doubleclick.net/pagead/drt/ Frame C945 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112158&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_34360240315586376%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D77a2724d956f31dbc21c89e7cf9c9800&wgl=1&dt=1662872607049&bpp=13&bdt=359&idt=396&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=3769811681476&frm=22&ife=1&pv=2&ga_vid=259048582.1662872607&ga_sid=1662872607&ga_hid=1353646800&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2635988689&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069177&oid=2&pvsid=1202049663548947&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.q5qnulrrvabp&fsb=1&xpc=45mM4ZmRsU&p=https%3A//file.adpartner.pro&dtd=412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112158&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_34360240315586376%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D77a2724d956f31dbc21c89e7cf9c9800&wgl=1&dt=1662872607049&bpp=13&bdt=359&idt=396&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=3769811681476&frm=22&ife=1&pv=2&ga_vid=259048582.1662872607&ga_sid=1662872607&ga_hid=1353646800&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2635988689&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069177&oid=2&pvsid=1202049663548947&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.q5qnulrrvabp&fsb=1&xpc=45mM4ZmRsU&p=https%3A//file.adpartner.pro&dtd=412
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
1447
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sun, 11 Sep 2022 04:39:21 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
khaos.jpg
token.rubiconproject.com/ Frame 33E2 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame 8DB8 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 2700 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 03:03:14 GMT
content-encoding
gzip
etag
W/"fdcd13007d5be3c218bd461a6aad998b"
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
age
7269
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
X_I5Ezw_mxUQKMZL3qJjWU4v9YLTLDW1Wy0RSKTmK8c8p-yG0gRA3A==
GS.d
js.cookieless-data.com/ Frame D8ED 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1662872608084
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.116 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-116.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:28 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
csync
sync.console.adtarget.com.tr/ Frame 0856
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=7212381495254490937
0
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=7212381495254490937
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Sun, 11 Sep 2022 05:03:27 GMT
Etag
62bb3e95d00ea4b3
Server
Adtelligent

Redirect headers

content-length
0
content-type
text/plain
date
Sun, 11 Sep 2022 05:03:28 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=7212381495254490937
server
nginx
csync
sync.adtelligent.com/ Frame 2758
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=62bb3e95d00ea4b3
0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=62bb3e95d00ea4b3
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
Adtelligent
Etag
4fca4293ba7735cb
Content-Length
0

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=62bb3e95d00ea4b3
Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
Adtelligent
Etag
62bb3e95d00ea4b3
Content-Length
0
csync
sync.console.adtarget.com.tr/ Frame 3CDB
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=7212381495254490937
0
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=7212381495254490937
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Sun, 11 Sep 2022 05:03:27 GMT
Etag
62bb3e95d00ea4b3
Server
Adtelligent

Redirect headers

content-length
0
content-type
text/plain
date
Sun, 11 Sep 2022 05:03:28 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=7212381495254490937
server
nginx
csync
sync.adtelligent.com/ Frame E18E
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=62bb3e95d00ea4b3
0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=62bb3e95d00ea4b3
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
Adtelligent
Etag
4fca4293ba7735cb
Content-Length
0

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=62bb3e95d00ea4b3
Date
Sun, 11 Sep 2022 05:03:27 GMT
Server
Adtelligent
Etag
62bb3e95d00ea4b3
Content-Length
0
9685355564896602461
tpc.googlesyndication.com/simgad/ Frame 5951 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9685355564896602461?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlhT4ph13S3FkhKTlEX8bzBE3EXVQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1662872607&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1662872607322&bpp=4&bdt=658&idt=447&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1922290337&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44760912%2C31069448&oid=2&pvsid=3400003674732753&tmod=325605661&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.k3tvbm3lw67v&fsb=1&dtd=462
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a28f0344a6649cfbaa531378f79ba0fc5a0f13b9e07ed45fdd2e6d69307ee3c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 03:25:23 GMT
x-content-type-options
nosniff
age
178685
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
last-modified
Fri, 12 Oct 2018 09:31:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 09 Sep 2023 03:25:23 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 5951 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1662872607&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1662872607322&bpp=4&bdt=658&idt=447&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1922290337&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44760912%2C31069448&oid=2&pvsid=3400003674732753&tmod=325605661&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.k3tvbm3lw67v&fsb=1&dtd=462
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 04:44:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1144
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
15013890920676311251
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Sep 2022 04:44:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 5951 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1662872607&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1662872607322&bpp=4&bdt=658&idt=447&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1922290337&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44760912%2C31069448&oid=2&pvsid=3400003674732753&tmod=325605661&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.k3tvbm3lw67v&fsb=1&dtd=462
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 04:55:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
476
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Sep 2022 04:55:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 5951 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1662872607&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1662872607322&bpp=4&bdt=658&idt=447&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1922290337&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44760912%2C31069448&oid=2&pvsid=3400003674732753&tmod=325605661&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.k3tvbm3lw67v&fsb=1&dtd=462
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 04:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Sep 2022 04:44:19 GMT
l
www.google.com/ads/measurement/ Frame 5951 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQN_RqUa1C9xYtjoyMxt2nytaAOyrfVkdt7_TXxuRtXfUqoLpig3a_lCaUBQAvsArPyOx1Mrp8oTMV3LEM07eGW-GQfng
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1662872607&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1662872607322&bpp=4&bdt=658&idt=447&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1922290337&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44760912%2C31069448&oid=2&pvsid=3400003674732753&tmod=325605661&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.k3tvbm3lw67v&fsb=1&dtd=462
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5951 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1662872607&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1662872607322&bpp=4&bdt=658&idt=447&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1922290337&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44760912%2C31069448&oid=2&pvsid=3400003674732753&tmod=325605661&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.k3tvbm3lw67v&fsb=1&dtd=462
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 11 Sep 2022 05:03:28 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 5951 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1662872607&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1662872607322&bpp=4&bdt=658&idt=447&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1922290337&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44760912%2C31069448&oid=2&pvsid=3400003674732753&tmod=325605661&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.k3tvbm3lw67v&fsb=1&dtd=462
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e444f2d6ab82742be31853a29d3ddbf08f8189469ba254004ede7288d063b141
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 21:00:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28988
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13501
x-xss-protection
0
server
cafe
etag
2740535871346252481
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 21:00:20 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 5951 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CJ3MSH2wdY-7LMoPB3wPS1raAAv69m7Fc8fKw9KsI5IrtpaELEAEgrOT2CGC7hoCA0AqgAYC03uIDyAECqAMByAPJBKoE2wFP0O3GWRk5rtYdPd7ie-lziq6b9XwMr7LVteFpa8DDVLtl5dNPwlcyEViouh5FRlpFWp6JyK-uldvOl-Ke-GxU_m7NDw2NeHcfrDZVdl0c3NI9tSgliov8wmXfo7ri1vv5PER93VgfBaJgaKUQCwDJa7ehnEfKQlu2_bGW_s7dsDKknd4e5FMK6TdAY6kTg4CIGLj_CMNeFfvuQCURRDmOlAQ5Xsyhpig9yHiM-vhNNqSzV6wazHONj5z4ZjtgTAyDjOCAh6xVW_GUVkNCI693y0GZ7BEkvDau3vXABLGhirO8AZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfoy6EdqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ344I0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwLQFQGYFgGAFwGyFxwKGggAEhRwdWItNDU3NzI1NDQzNTU5NzEwNBgA&sigh=aYRPFRkLYlU&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1662872607&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1662872607322&bpp=4&bdt=658&idt=447&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1922290337&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44760912%2C31069448&oid=2&pvsid=3400003674732753&tmod=325605661&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.k3tvbm3lw67v&fsb=1&dtd=462
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1662872607&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1662872607322&bpp=4&bdt=658&idt=447&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1922290337&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44760912%2C31069448&oid=2&pvsid=3400003674732753&tmod=325605661&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.k3tvbm3lw67v&fsb=1&dtd=462
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 11 Sep 2022 05:03:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 4E60 		155 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://s.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 10 Sep 2022 06:27:23 GMT
via
1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
age
81379
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
PCrKmTROgtW8TjxEVGjHUAhxmX5S67IxtA_bwRgxhw9i6F_LPa-Sbg==
ptrack
a.audrte.com/ Frame 8DE7 		368 B
881 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=217.138.196.108&p=M1353665098&artime=2022-09-11T05:03:28.137Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMS81NTQ1M2RlOTdhMTE4Y2U5P3J1aW1kPTEmZHU9aHR0cHMlM0ElMkYlMkZpbnYtbmV0cy5hZG1peGVyLm5ldCUyRmFkeGNtLmFzcHglM0Zzc3AlM0RENTZEQzA5RC1DMzlDLTRCRDYtQkQ3My0wM0NBQjREQTlDNTAlMjZpZCUzRCUyNFVJRA==&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=emRvcm92aWEuY29tLnVhLw==
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
cbd7a0d6e58be879a1b79769baf5809dd9fc0d7c6bcaf2963f50d3430dee6675

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:28 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B618 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
31664
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 20:15:44 GMT
expires
Sun, 10 Sep 2023 20:15:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5359 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2e838e7cbd9a87d5f2456d9dd4aba04c244e39b7aa5a986c9bfe289d51794e95
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yOel9LErDJNPn668-P7B0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-yOel9LErDJNPn668-P7B0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 05:03:28 GMT
expires
Sun, 11 Sep 2022 05:03:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
p
a.audrte.com/ Frame A422
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7212381495254490937
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEK6dH_bKjrZMyjQZF1W0U_o&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:28 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 11 Sep 2022 05:03:28 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame A422 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=42eDBeW2uUqTHSxgiL7WaYrMg&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:28 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame A422
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=42eDBeW2uUqTHSxgiL7WaYrMg&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=42eDBeW2uUqTHSxgiL7WaYrMg&gdpr=0&gdpr_consent=&google_gid=CAESEHnAQGQ6qZ5xwmv0kRoBqkc&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:28 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 11 Sep 2022 05:03:28 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
truncated
/ Frame 30D1 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81d685a2f5080f926b60066bb702cadcac776403ffea25a12c54cddf36f752fd

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
data
bcp.crwdcntrl.net/6/ Frame 4E60 		20 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.127.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://s.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:28 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://s.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.15.248
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3814
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958785&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_34360240315586376%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D77a2724d956f31dbc21c89e7cf9c9800&wgl=1&dt=1662872607068&bpp=2&bdt=377&idt=418&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=3769811681476&frm=22&ife=1&pv=1&ga_vid=259048582.1662872607&ga_sid=1662872607&ga_hid=1353646800&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2635988689&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069177&oid=2&pvsid=1202049663548947&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.13hv8b4d75bi&fsb=1&xpc=0eVxkv4WDp&p=https%3A//file.adpartner.pro&dtd=423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 05:03:28 GMT
expires
Sun, 11 Sep 2022 05:03:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 05:03:28 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zdorovia.com.ua_970x250_ruslan1.html
file.adpartner.pro/2085/2085828/ Frame 42EC 		668 B
585 B 		Document
General
Check archive.org
Download Go to
Full URL
https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F7093d442-3247-44b8-9b22-5a8ab7bb9451%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA3LCJzaG93X2lkIjoiNzA5M2Q0NDItMzI0Ny00NGI4LTliMjItNWE4YWI3YmI5NDUxIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Dc8478c0ab75e1f7741a3099710db4a12&showId=7093d442-3247-44b8-9b22-5a8ab7bb9451&apuid=c258bbdd-272f-4551-b560-ae15395fcb10
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.425
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
4803ca05bf5d01dbd812e758881dc7cae6344da06c0fd9d19d42a341409a61e6

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Sun, 11 Sep 2022 05:03:28 GMT
etag
W/"62947e8b-29c"
last-modified
Mon, 30 May 2022 08:21:31 GMT
server
nginx
si
googleads.g.doubleclick.net/pagead/drt/ Frame C945
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112158&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_34360240315586376%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D77a2724d956f31dbc21c89e7cf9c9800&wgl=1&dt=1662872607049&bpp=13&bdt=359&idt=396&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=3769811681476&frm=22&ife=1&pv=2&ga_vid=259048582.1662872607&ga_sid=1662872607&ga_hid=1353646800&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2635988689&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069177&oid=2&pvsid=1202049663548947&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.q5qnulrrvabp&fsb=1&xpc=45mM4ZmRsU&p=https%3A//file.adpartner.pro&dtd=412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 05:03:28 GMT
expires
Sun, 11 Sep 2022 05:03:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 05:03:28 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 30D1 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 05:29:41 GMT
x-content-type-options
nosniff
age
603227
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 05:29:41 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 30D1 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 08:01:51 GMT
x-content-type-options
nosniff
age
248497
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Sep 2023 08:01:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 87BA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
31664
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 20:15:44 GMT
expires
Sun, 10 Sep 2023 20:15:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2712 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2a2e62c555ae2782fa0a3e405972091347c3d62cb16039e1a8fe7bb4c1226b5d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FIXu9PeeqddT9jCm_wceRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-FIXu9PeeqddT9jCm_wceRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 05:03:28 GMT
expires
Sun, 11 Sep 2022 05:03:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
s
googleads.g.doubleclick.net/pagead/drt/ Frame 398C 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1662872607&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1662872607322&bpp=4&bdt=658&idt=447&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1922290337&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44760912%2C31069448&oid=2&pvsid=3400003674732753&tmod=325605661&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.k3tvbm3lw67v&fsb=1&dtd=462
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1662872607&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1662872607322&bpp=4&bdt=658&idt=447&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1922290337&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44760912%2C31069448&oid=2&pvsid=3400003674732753&tmod=325605661&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.k3tvbm3lw67v&fsb=1&dtd=462
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
1447
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sun, 11 Sep 2022 04:39:21 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EA2C 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1662872607&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1662872607322&bpp=4&bdt=658&idt=447&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1922290337&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44760912%2C31069448&oid=2&pvsid=3400003674732753&tmod=325605661&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.k3tvbm3lw67v&fsb=1&dtd=462
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
84682
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 05:32:06 GMT
etag
48472445140208031
expires
Sun, 11 Sep 2022 05:32:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
if
a4p.adpartner.pro/tracker/ Frame 804B 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522c258bbdd-272f-4551-b560-ae15395fcb10%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25227093d442-3247-44b8-9b22-5a8ab7bb9451%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25227093d442-3247-44b8-9b22-5a8ab7bb9451%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sun, 11 Sep 2022 05:03:28 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame C19B 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522c258bbdd-272f-4551-b560-ae15395fcb10%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25227093d442-3247-44b8-9b22-5a8ab7bb9451%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25227093d442-3247-44b8-9b22-5a8ab7bb9451%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sun, 11 Sep 2022 05:03:28 GMT
expires
0
pragma
no-cache
server
nginx
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 2700 		155 B
639 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://s.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 10 Sep 2022 06:27:23 GMT
via
1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
age
81379
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
iC0zYT24ece41vjrIxp7at5ClqmTU7SxSnqP0pkVcc3irlfMAgdqlg==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0BB9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
31664
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 20:15:44 GMT
expires
Sun, 10 Sep 2023 20:15:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1BB1 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
986209b670096a311ede4e796a4957e47482cc5417d7ae98ef6c4df604692f97
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-E1OiE7LdHIB1pFQGAjpwtw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-E1OiE7LdHIB1pFQGAjpwtw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 05:03:28 GMT
expires
Sun, 11 Sep 2022 05:03:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/ Frame 5951 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa9104fcfc53111a3ac0ed288b2c3c7da2eaf541d52c5bb0c82f55de794fedeb

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.co.uk/adsid/ Frame 34C5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31069447
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 05:03:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 34C5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31069447
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 05:03:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5230 		17 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820291&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607985&bpp=13&bdt=189&idt=349&shv=r20220907&mjsv=m202209070101&ptt=5&saldr=sa&correlator=4489981154306&frm=8&ife=1&pv=2&ga_vid=2065867608.1662872608&ga_sid=1662872608&ga_hid=439247939&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2937035847&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069447%2C31067826&oid=2&pvsid=772274268420186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.m0alyncmwn2u&fsb=1&dtd=363
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31069447
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2cad63c8ddf97c3f520af2ed3ca33a5617041806d4f66a573f8c836f3af9f6a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
8174
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 05:03:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
p
a.audrte.com/ Frame 8DE7
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7212381495254490937
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:28 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 11 Sep 2022 05:03:28 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 8DE7 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=42eDBeW2uUqTHSxgiL7WaYrMg&gdpr=0&gdpr_consent=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:28 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame 8DE7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=42eDBeW2uUqTHSxgiL7WaYrMg&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=42eDBeW2uUqTHSxgiL7WaYrMg&gdpr=0&gdpr_consent=&google_gid=CAESEK6dH_bKjrZMyjQZF1W0U_o&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:28 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 11 Sep 2022 05:03:28 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3EBD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DVYtZvD_nZduDb1B36_NTwpQCUblpr6u-tNPQzVNfYesCoLKEuZ0fy86ibm6kIk9tS5--7wXa3N1vvr0Ls9va3o9oDcpI9dhY_mmG6o-9tfuena68
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1662872607&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607550&bpp=3&bdt=579&idt=290&shv=r20220907&mjsv=m202209070101&ptt=9&saldr=aa&cookie=ID%3D751e6751d6873f80-22b6aa111cce0065%3AT%3D1662872607%3ART%3D1662872607%3AS%3DALNI_MaOImMqUWnZ-jCm41xmAMghjPL3Vg&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1498404390&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=919&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069447%2C44770880%2C44771548%2C44773261&oid=2&pvsid=574968481285100&tmod=2012896911&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.k8h437cfmvxd&fsb=1&dtd=302
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 3EBD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1662872607&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607550&bpp=3&bdt=579&idt=290&shv=r20220907&mjsv=m202209070101&ptt=9&saldr=aa&cookie=ID%3D751e6751d6873f80-22b6aa111cce0065%3AT%3D1662872607%3ART%3D1662872607%3AS%3DALNI_MaOImMqUWnZ-jCm41xmAMghjPL3Vg&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1498404390&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=919&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069447%2C44770880%2C44771548%2C44773261&oid=2&pvsid=574968481285100&tmod=2012896911&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.k8h437cfmvxd&fsb=1&dtd=302
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 04:55:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
476
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Sep 2022 04:55:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3EBD 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1662872607&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607550&bpp=3&bdt=579&idt=290&shv=r20220907&mjsv=m202209070101&ptt=9&saldr=aa&cookie=ID%3D751e6751d6873f80-22b6aa111cce0065%3AT%3D1662872607%3ART%3D1662872607%3AS%3DALNI_MaOImMqUWnZ-jCm41xmAMghjPL3Vg&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1498404390&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=919&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069447%2C44770880%2C44771548%2C44773261&oid=2&pvsid=574968481285100&tmod=2012896911&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.k8h437cfmvxd&fsb=1&dtd=302
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 11 Sep 2022 05:03:28 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 3EBD 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1662872607&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607550&bpp=3&bdt=579&idt=290&shv=r20220907&mjsv=m202209070101&ptt=9&saldr=aa&cookie=ID%3D751e6751d6873f80-22b6aa111cce0065%3AT%3D1662872607%3ART%3D1662872607%3AS%3DALNI_MaOImMqUWnZ-jCm41xmAMghjPL3Vg&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1498404390&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=919&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069447%2C44770880%2C44771548%2C44773261&oid=2&pvsid=574968481285100&tmod=2012896911&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.k8h437cfmvxd&fsb=1&dtd=302
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 04:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Sep 2022 04:44:19 GMT
l
www.google.com/ads/measurement/ Frame 3EBD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRPwu9KeeiXenlUK9ycSveAmRDZztcmCB-nEpz_yQ2F9zxgG0CgV69iBtSP_kmzSa2ADAcRRYxgzpHuVqqGeASsmtAR6Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1662872607&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607550&bpp=3&bdt=579&idt=290&shv=r20220907&mjsv=m202209070101&ptt=9&saldr=aa&cookie=ID%3D751e6751d6873f80-22b6aa111cce0065%3AT%3D1662872607%3ART%3D1662872607%3AS%3DALNI_MaOImMqUWnZ-jCm41xmAMghjPL3Vg&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1498404390&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=919&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069447%2C44770880%2C44771548%2C44773261&oid=2&pvsid=574968481285100&tmod=2012896911&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.k8h437cfmvxd&fsb=1&dtd=302
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
data
bcp.crwdcntrl.net/6/ Frame 2700 		20 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.127.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://s.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:28 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://s.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.4.122
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 42EC 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F7093d442-3247-44b8-9b22-5a8ab7bb9451%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA3LCJzaG93X2lkIjoiNzA5M2Q0NDItMzI0Ny00NGI4LTliMjItNWE4YWI3YmI5NDUxIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Dc8478c0ab75e1f7741a3099710db4a12&showId=7093d442-3247-44b8-9b22-5a8ab7bb9451&apuid=c258bbdd-272f-4551-b560-ae15395fcb10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
08ad01d28c2c56375fa1a78e04d082f91cb3e4e1f32fa9dc04c4ea72e39a7848
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40162
x-xss-protection
0
server
cafe
etag
9321617896951982263
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 05:03:28 GMT
ptrack
a.audrte.com/ Frame CA4F 		368 B
881 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=217.138.196.108&p=M1353665098&artime=2022-09-11T05:03:28.439Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9kdT1odHRwcyUzQSUyRiUyRnN5bmMuYWR0ZWxsaWdlbnQuY29tJTJGY3N5bmMlM0Z0JTNEYSUyNmVwJTNEMzA3OTcxJTI2ZXh0dWlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
1c8572513703f62a64c67c4b14b3544f4a6559fbceb27217da911d01ec6562f9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:28 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
pixel
googleads.g.doubleclick.net/xbbe/ Frame 905E 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIqco5cCELCmr98CGPWZ0dIBMAE&v=APEucNXmkd1jV-tHgBReEExpMH4_Z-k5emUUZm12NB2WdRWvntZRnwkyjWFHICQPyt2tIyHLDAufSDqsDhEK72-Zvm172czYP3GfhSnfYHumUDHYIUDz-3bRM9KOAK0bgrAyD1J89yIWRGijWBzMiESzoQgwuTRmzReRYKEJC0jdKSnI6c2K8TQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1662872607&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607550&bpp=3&bdt=579&idt=290&shv=r20220907&mjsv=m202209070101&ptt=9&saldr=aa&cookie=ID%3D751e6751d6873f80-22b6aa111cce0065%3AT%3D1662872607%3ART%3D1662872607%3AS%3DALNI_MaOImMqUWnZ-jCm41xmAMghjPL3Vg&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1498404390&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=919&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069447%2C44770880%2C44771548%2C44773261&oid=2&pvsid=574968481285100&tmod=2012896911&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.k8h437cfmvxd&fsb=1&dtd=302
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1662872607&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607550&bpp=3&bdt=579&idt=290&shv=r20220907&mjsv=m202209070101&ptt=9&saldr=aa&cookie=ID%3D751e6751d6873f80-22b6aa111cce0065%3AT%3D1662872607%3ART%3D1662872607%3AS%3DALNI_MaOImMqUWnZ-jCm41xmAMghjPL3Vg&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1498404390&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=919&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069447%2C44770880%2C44771548%2C44773261&oid=2&pvsid=574968481285100&tmod=2012896911&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.k8h437cfmvxd&fsb=1&dtd=302
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 05:03:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 3EBD 		78 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AX7wMy3SviB8Ke_tlsBealo0wktUfR9is3vjfP7nnXQmDK6c6wadmdBrmDP4N6Ye_Y34DTTu1YedMyOpNPxy__O584LU7_ALbmwV15nI1NPQBWE3qsvgRaEB8m04qjbbjAVS6N560-esxLbzs3wPG1FORZdj2G1r3PICCkhypCI9XRQps&cry=1&dbm_d=AKAmf-CpX2ryS6G17wxRjXQm08SAHvynSkBBOxIutvMTPWzVkNqre_gLU15qwNUVthfS4i48auEMPVKQHsrtb3_3DmLUuLrkYJ4K2N8W0AgBgaXgA9FJrouEXyFnJ0v66L8FTMeFy1t5Bw7nwpFDSGTu8F69hQnWQGPfboRcQzZs4WriYlQbOtsBMFHimmL1LWWtV0LCSBXHCbrfCybocjM24MtHiXhDRAbNgj0hfo1PUWeaoSB3IJ_E9I7WrpuTDaU1u8B_WWN3kLavKltPvfYMDiZuQSXcMdookAzIXo4iaqkhBV50gJiA2FGfalQ8pqG2wdWQX7yFD-BlkeAWkGzgNsXBoeEIXEhHnx2085kzfyoOxjCRc64_3vrGs5-QyF9AbiEp4eXeOTqpo9cLCbjNth-xgPfODq2xel7Fy7A3_lG87Ux2URXdJUWFQnRILpW8pkX9f7_F0m1lj0hQaY5FGNEC6WS5CS834fhNUBJhDhYJHIovCi8P1fG6qTFk0Z_mEyEf2RVxZZH8Z0Jy6c50fzpLfcm8dlVp8Dhrc7oosrowhyuivEmlRh20miv4Bb0GNuRnePErUqRK9QESHP9-HxHWtGkTnstaCcWiBqbtMyAFbSsIjLqcQoKK5gr0fIGcRYI7uzK9r9YFnaLmb78qsM0uSBE_Aci3mTAhMk11o1-GErJXEV7dG-qAji4bFy-S9KZLohNf1y68CD83bNW_gMru6pp4WZBJZRgx4rPt8Hg2WVom7d2IFJb2je3CiAjG8LC1ht3HuVFHY6iKWcXvxySQ2c52ckumX-GSzZg0plTTyxl8wS0M0KIcFqUVHHjZSx9YczdQdIJXXEUJwcda_w-hAac4TYKCOFvIqsR3kyXaOscLuwDheJA6RBBwAPqVbo0vIYUaNAdjdf41ReMUI4tB1lhrh8THGf3RxGTQOfgJn0NdGg-5_cx28J_faFbRxWVU8P9mvO-_ihLA9e9cCz_qI_5Pmf9WrjyXYiLmznZ8GAjsdPEd4YgH7QYqh_7fGfq6wndCc7Dg17hOO8CSrk9PkvKkPaHXvGGdiibawljeCcmw0nu4E4G9H6x_4DJNt0esNabxaQYEKCrOPU9eQFb1PodSzLpyq6DyyWGl7HtqVlYGM9kpEwUVVkMfBM8lynQqRxGqKk9cR7wK0Kc75iFxP-0fMHX6_SwejBhH3RAjZE43-zAYEjFPR2S81reZwR65hfwzEnonBoUHR7MpPS5ejHh-hd5NWd3xrznJFDiCbrdKd7oOx8xkvs_tMdgrvtycJ_qCjzgGILjcpXjMbds10B4TajrvlFLglXZAUojsGK4OoRt8wUu3f7uE30azq7vkuXtTbZZvqeHfSfClZ3kDoX-wnYcV9HnWPVQIkHUUUASK905eGq25I7oKe9uX70sPhDfnCLdSx1mV7yb8kX7q_HJ7VS3ikT9Coq-LggyGq48OPa92_yIPHhPzdz7mNWUbNW2o6eCsKoCnlkTJXc8Yi_yBFlci6bfYsqxK5omgCTZiq-679LrmkA7IMSGe5E0UOHjo3uJwasc2YEEHMG4vVOCplkVC0REAa0Hx8Y-GqgZYq9Re5dE30yla2nF2g8ONnvzPUg19JpRCghGVCOKevivtXeFXFluJDfMQweyQJygEEu00k8Rt4fbU2yHWdoDAjFKm59hnuyEwMU4Orza-aWDSb8yt19nt2ivVH573exWXvxCM4SVpP4LEMHt6GM6NDrUD7VkKRNWCl14mU-FSLwQynBVoEk3kpm5r7t-Fbpor2ezSl3V34cV6J-f3DB_6BVpx4MkCRU-x7NFQh0V_ZMItETJFYyw6QNym2c0dCv1CoTWEw5MYlQWrjDTkKjvH7i5-a3CkE7T-uHjBzuBsN4T3viFSfuU3pjcpVPOd_QuGDTErKokw1FQYZdl_N8yti4XGkRkenQO7VdZeQqVKZ7stE1KLscc5kEGEOhGoThKh1hMopUqRmadBP1fTZh8Icm_l9CsWwyqGaHpWRHQ2Hh0sl88Wlp_cT6RWK570TCxhibichfdFQWTg_ydUFdHDNftKJw0dq_k8FUbDzcanPGuwsFEh5SrBCupYGA5iaXbwFS08v02BM10rH6KvpdLlqoTm68SQlO69tmUXIKLwPxaLY1nPpNaYqP5QRYhQKo-UJEagoxAolMMdVw_EmYLlXJR2Hg0hfdPRegg1luwoeArA2BvxUCJMJN7MvtWJUYFetRAGkszD27PpBHGSUSTEpE4ZU82J8DsGW9oMPKC22R-dd9yXgg2aLy0YMBS88NTFXdtB6r8ddE-8c9u6Bgc16c8qJuw2TjCJhLxyVZFljf4UZ2_S9OR9VMkwz7ao_LcdLShK3KHRIYGYDl74c0WjUtW2lVLgl_K0NKKOsHizjD44AGdK3eBJP8k7Pqxew3pBGcTZK7OibFFF84VfTIwTi66Ho4jQltMUSYeQJIjF6DSqHL3q43Yr3ls7ONbldEvdds5p-oU6XID9IEvmHQsgNLiAciFgq_rZb0VWQUnuY-zAsEMWDKKVknaxZsNeKuwggdorDl7N_GdrbC7aZ-tBRQE2PvtPP_FDkrqdUVB85hPwuk7_OHuHRmCZwi29zbNwmNyUaccTdYRKpVg9iPJ4J40ckp2cMVS9Gm88JUtjGzG1dXbqHKS-G2QXoImFJC8UqZ4yP4cMLSVfPylr5xKL9zLhwkffhVtH6eZRPHCz1xig1AV9_fnW-A7v5T265cbX1r_OO7SXu3gv3DK0HUrY1GFFajYKlkjGiV2h_PBTfVu7dhlHXIbiw62Qn73dRJsdnt6UCbZjJzfZAAtEoh2cv0HmRo_gCScpGZN7jih3Hlgp7IJxANy-eh8OwJClfl1wViwK27DxD84QnMw55lIKVLJgVCebDKW17MIMCz23Upqdzazct5dudhUqbgLSpK_yicAfam_UlJXdKgWZ9WMkKCUczPrjuLRbf-F9C1lr_eYmg5KtWWO1nPkYY1KFwe04OpQDs6ocbxgN49ZHxq-m3BdxXlBSIAiW1Iw6XIqRRlL_kskDATTJBwcuzUwZopBThV-3DctZk-z8gSSQjxhHWwaQ4DsU2xVenpnbpBv3CHQfZHQ1KoTbPiokQg3-DqxH7uDPIsLrEUrHCbc3x6P8u7xzx1RcqW2dn2RboSAeWu9lKNnP7wbSen4Lm4vzZ5eFFZHyLgr3dqF8qqvr4HyOpRzqKkAuVihKMe5qmxLwUWdPl51VzCIBhvEtgupwCEmWukOPaA-JzdIB-hugjQGNlZiq9zgDYWaCWV-wJxmwgdAsPDS_HLm6VbUscwgxmZPEoAIChxsuSEyV3aYIbtHs8uAfN8TilJ_CpNyaPbM1-Tic3eM_fSql1kEeoXhslnhpqw4rx2yzQKXbmEBqC2KrBf5bb7ygFIclDGsahjf01xv1j_Z4Y-1nKEvgDZOKMq5KQJAhjj_zHvbnbpQwUsVS0waXuENumsmYgHaBBDTu7fDkityJno8-Ij9TAN-Cgm7dEAipz1ieV_sDAFvPrsnzdBU1V9VHs3N3KJzxnEEJBjv2EYnvgnzK-pEfih8kZ4tEFG9yd0682fl42rwFlmAUtfTJ&cid=CAASJORouRNOyrIy344Eb8umm5Te1-hkXH-BuPOnGHjuhaGuF2tpZyAN&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1662872607&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607550&bpp=3&bdt=579&idt=290&shv=r20220907&mjsv=m202209070101&ptt=9&saldr=aa&cookie=ID%3D751e6751d6873f80-22b6aa111cce0065%3AT%3D1662872607%3ART%3D1662872607%3AS%3DALNI_MaOImMqUWnZ-jCm41xmAMghjPL3Vg&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1498404390&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=919&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069447%2C44770880%2C44771548%2C44773261&oid=2&pvsid=574968481285100&tmod=2012896911&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.k8h437cfmvxd&fsb=1&dtd=302
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
830fdf7bbb938d72d5b2561e2ccfb714b8b3e7ccb355a0626d18232034388eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1662872607&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607550&bpp=3&bdt=579&idt=290&shv=r20220907&mjsv=m202209070101&ptt=9&saldr=aa&cookie=ID%3D751e6751d6873f80-22b6aa111cce0065%3AT%3D1662872607%3ART%3D1662872607%3AS%3DALNI_MaOImMqUWnZ-jCm41xmAMghjPL3Vg&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1498404390&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=919&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069447%2C44770880%2C44771548%2C44773261&oid=2&pvsid=574968481285100&tmod=2012896911&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.k8h437cfmvxd&fsb=1&dtd=302
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33870
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
t.dtscout.com/idg/ Frame 7C17 		1 KB
753 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/idg/?su=6D001662872608329D5A2E3765F634E2
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/801/?v=1&pid=8017&site=1&l=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&j=https%3A%2F%2Fs.adtelligent.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.89.99.21 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3163187.ip-51-89-99.eu
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3ede1f8ead7ab6ad46fcfbcd04376bb970dc12f52a42daf3e7dfb5df156b818b

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 11 Sep 2022 05:03:28 GMT
Expires
Sun, 11 Sep 2022 05:03:27 GMT
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
logcz.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/logcz.aspx?zone=ed2476d6-dc6a-46b4-b1f9-1613392c7015
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 11 Sep 2022 05:03:28 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
pagead2.googlesyndication.com/bg/ Frame 14E4 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1662872607&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607219&bpp=3&bdt=563&idt=283&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=2&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=389783505&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31069448&oid=2&pvsid=3398602431255708&tmod=422649564&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.iit81nfu3o5i&fsb=1&dtd=296
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 05:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15929
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 05:05:47 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7DAB 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220907&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c6bf593e80e811db71a5eb12029ba1652189db51e604a34c458e554faa3304f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 05:03:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11199
x-xss-protection
0
background_empty.jpg
file.adpartner.pro/2297/2297845/ Frame 7DAB 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.adpartner.pro/2297/2297845/background_empty.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_34360240315586376&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D77a2724d956f31dbc21c89e7cf9c9800
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:28 GMT
last-modified
Fri, 03 Dec 2021 11:35:48 GMT
server
nginx
etag
"61aa0114-3439"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
13369
truncated
/ Frame 24A2 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
041c802ef56b72c210216f5ccd22f9b9c7e3d98476670c6284990fba4a1930b3

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 004B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d59b6974258894dfb89e5a54670784f6417df5a47bdefb58fefe99e94d6ef933

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame EA2C
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4D__-gEG5F0xt2sgqH9T6U_C_rgLUi2b4Jl0kt...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXgxc0h3QU05V1dNRXdBSw&google_push=AehlK4D__-gEG5F0xt2sgqH9T6U_C_rgLUi2b4Jl0kts5K90t9ebWazFq4z2tv8quyt1k2IpcqawN8j8THfdJLWqW1RY5qLqFm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXgxc0h3QU05V1dNRXdBSw&google_push=AehlK4D__-gEG5F0xt2sgqH9T6U_C_rgLUi2b4Jl0kts5K90t9ebWazFq4z2tv8quyt1k2IpcqawN8j8THfdJLWqW1RY5qLqFm9qYw
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXgxc0h3QU05V1dNRXdBSw&google_push=AehlK4D__-gEG5F0xt2sgqH9T6U_C_rgLUi2b4Jl0kts5K90t9ebWazFq4z2tv8quyt1k2IpcqawN8j8THfdJLWqW1RY5qLqFm9qYw
Date
Sun, 11 Sep 2022 05:03:28 GMT
Server
Apache
Connection
keep-alive
Content-Length
393
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame EA2C
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4An78-FJev87Xjgg1JSfGz0M6Apj_WiWzm1LCk8P0tzzRc6yUseeA2eACkB8ik6UIIjE2ZV3TAX85ESWrrbpwVotqCtfKbKAQ&google_gid=CAESEM8U-S1chpv_Ts4bVmhJJok&g...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCKDY9ZgGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BZWhsSzRBbjc4LUZKZXY4N1hqZ2cxSlNmR3owTTZBcGpfV2lXem0xTENrOFAwdHp6UmM2eVVzZWVBMmVBQ2tCOGlrNlVJSWpFMlpWM1RBWDg1RVNXcn...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTElLZm1KbWw1U0hORkU0MmJkZ1RsMDB4MEpCUGduUTNsRlBSRUVCeFJ5TQ==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTElLZm1KbWw1U0hORkU0MmJkZ1RsMDB4MEpCUGduUTNsRlBSRUVCeFJ5TQ==&google_push
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 11 Sep 2022 05:03:28 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTElLZm1KbWw1U0hORkU0MmJkZ1RsMDB4MEpCUGduUTNsRlBSRUVCeFJ5TQ==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
odr.mookie1.com/t/v2/ Frame EA2C 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEFDdyFvrGhnzFP9g_uo3Agk&google_push=AehlK4BhNLzjhqgg70XblIl4jtSWfo0MgOROfX4cxYEyULp4k_7MK9XTRhh1pV7MSj4irszZBf6gMca5ZeVjZtLijB3K_Bbio1ZLKg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1662872607&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1662872607322&bpp=4&bdt=658&idt=447&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1922290337&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44760912%2C31069448&oid=2&pvsid=3400003674732753&tmod=325605661&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.k3tvbm3lw67v&fsb=1&dtd=462
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:28 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame EA2C 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBJM_4diwCkgd7nMhT4usW8&google_cver=1&google_push=AehlK4ClBz3Q1cN7VZb2AIgTYTqqOdaDUjTwD92aufV0wgog6vWKPQrCwFSt0nau0tWzmdmrIoS4GCNuiMtXnR3iFZlATc5i1fAp-A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1662872607&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1662872607322&bpp=4&bdt=658&idt=447&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1922290337&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44760912%2C31069448&oid=2&pvsid=3400003674732753&tmod=325605661&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.k3tvbm3lw67v&fsb=1&dtd=462
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame EA2C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFTK6IZaXazkMykoyzlzaEY&google_cver=1&google_push=AehlK4BaYB-HIGCDo3cCMcFm4grWqq7aFH-gTN58KaeEGIgEnwmyeMnatEkedvz_RxeHW_LCW_X...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdXVkYwSDEtRy00NTIx&google_push=AehlK4BaYB-HIGCDo3cCMcFm4grWqq7aFH-gTN58KaeEGIgEnwmyeMnatEkedvz_RxeHW_LCW_XVgYWAHHKBoVa1vS1g5jLzMcCI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdXVkYwSDEtRy00NTIx&google_push=AehlK4BaYB-HIGCDo3cCMcFm4grWqq7aFH-gTN58KaeEGIgEnwmyeMnatEkedvz_RxeHW_LCW_XVgYWAHHKBoVa1vS1g5jLzMcCI
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdXVkYwSDEtRy00NTIx&google_push=AehlK4BaYB-HIGCDo3cCMcFm4grWqq7aFH-gTN58KaeEGIgEnwmyeMnatEkedvz_RxeHW_LCW_XVgYWAHHKBoVa1vS1g5jLzMcCI
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
trk
ag.innovid.com/ Frame EA2C 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEIhOQ2STIgX8mZksW4uPzyU&google_cver=1&google_push=AehlK4DaE05U6858FH5nkFXL7AT9h1gr957nEUFozYUePrnrbFfGkKJiFxA3UOyZrgwiDcnCgx5vIu093OyUCBPwBwdLoXiP3bDf-w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1662872607&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1662872607322&bpp=4&bdt=658&idt=447&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1922290337&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44760912%2C31069448&oid=2&pvsid=3400003674732753&tmod=325605661&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.k3tvbm3lw67v&fsb=1&dtd=462
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8101:fce4:7d96:66d4:9311 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:28 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
1
expires
-1
googleredir
googlecm.hit.gemius.pl/ Frame EA2C 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame EA2C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LY8RrS7jCYCiMRwlGDH-g5OF9_SXI4cmCdWeJUe1CezMtVXTU6KEmr68OppKT5OCLhACtaMA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1662872607&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1662872607322&bpp=4&bdt=658&idt=447&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1922290337&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44760912%2C31069448&oid=2&pvsid=3400003674732753&tmod=325605661&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.k3tvbm3lw67v&fsb=1&dtd=462
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame 5359 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220907&jk=3398602431255708&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
pagead2.googlesyndication.com/bg/ Frame B618 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 05:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15929
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 05:05:47 GMT
dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
pagead2.googlesyndication.com/bg/ Frame 9BB8 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958785&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_34360240315586376%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D77a2724d956f31dbc21c89e7cf9c9800&wgl=1&dt=1662872607068&bpp=2&bdt=377&idt=418&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=3769811681476&frm=22&ife=1&pv=1&ga_vid=259048582.1662872607&ga_sid=1662872607&ga_hid=1353646800&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2635988689&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069177&oid=2&pvsid=1202049663548947&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.13hv8b4d75bi&fsb=1&xpc=0eVxkv4WDp&p=https%3A//file.adpartner.pro&dtd=423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 05:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15929
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 05:05:47 GMT
dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
pagead2.googlesyndication.com/bg/ Frame 7D92 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112158&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_34360240315586376%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F0cea86eb-d8e2-45fc-ae58-0791dedb3f9a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYyODcyNjA2LCJzaG93X2lkIjoiMGNlYTg2ZWItZDhlMi00NWZjLWFlNTgtMDc5MWRlZGIzZjlhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYzI1OGJiZGQtMjcyZi00NTUxLWI1NjAtYWUxNTM5NWZjYjEwIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D77a2724d956f31dbc21c89e7cf9c9800&wgl=1&dt=1662872607049&bpp=13&bdt=359&idt=396&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=3769811681476&frm=22&ife=1&pv=2&ga_vid=259048582.1662872607&ga_sid=1662872607&ga_hid=1353646800&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2635988689&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069177&oid=2&pvsid=1202049663548947&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.q5qnulrrvabp&fsb=1&xpc=45mM4ZmRsU&p=https%3A//file.adpartner.pro&dtd=412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 05:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15929
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 05:05:47 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 398C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1662872607&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1662872607322&bpp=4&bdt=658&idt=447&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1922290337&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44760912%2C31069448&oid=2&pvsid=3400003674732753&tmod=325605661&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.k3tvbm3lw67v&fsb=1&dtd=462
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 05:03:28 GMT
expires
Sun, 11 Sep 2022 05:03:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 05:03:28 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
pagead2.googlesyndication.com/bg/ Frame BECE 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1662872607&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1662872607322&bpp=4&bdt=658&idt=447&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1922290337&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44760912%2C31069448&oid=2&pvsid=3400003674732753&tmod=325605661&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.k3tvbm3lw67v&fsb=1&dtd=462
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 05:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15929
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 05:05:47 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2712 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220907&jk=3400003674732753&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 905E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfIa_2Yav7u1Dz9l8hjw0&google_cver=1
43 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfIa_2Yav7u1Dz9l8hjw0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIqco5cCELCmr98CGPWZ0dIBMAE&v=APEucNXmkd1jV-tHgBReEExpMH4_Z-k5emUUZm12NB2WdRWvntZRnwkyjWFHICQPyt2tIyHLDAufSDqsDhEK72-Zvm172czYP3GfhSnfYHumUDHYIUDz-3bRM9KOAK0bgrAyD1J89yIWRGijWBzMiESzoQgwuTRmzReRYKEJC0jdKSnI6c2K8TQ
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
748ddb6c482176e1-LHR
pragma
no-cache
date
Sun, 11 Sep 2022 05:03:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4ZAD8ZUkNDL2RXFsJ%2FZC2yDZuecbUZZlasQbTx4K5pvMIi9sPnoETvOOELuaYiRD%2BwaWSjvvgGcPfclAqNh6WT%2BT0a94N64UKKKA2HxL1cwJVAdvKLJfcJA5oUVOmliC1kSPfmblr18zw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfIa_2Yav7u1Dz9l8hjw0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 905E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yx1sHx0B6JWRY.o2BtkD7gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfIa_2Yav7u1Dz9l8hjw0&google_cver=1&google_hm=2
43 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfIa_2Yav7u1Dz9l8hjw0&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIqco5cCELCmr98CGPWZ0dIBMAE&v=APEucNXmkd1jV-tHgBReEExpMH4_Z-k5emUUZm12NB2WdRWvntZRnwkyjWFHICQPyt2tIyHLDAufSDqsDhEK72-Zvm172czYP3GfhSnfYHumUDHYIUDz-3bRM9KOAK0bgrAyD1J89yIWRGijWBzMiESzoQgwuTRmzReRYKEJC0jdKSnI6c2K8TQ
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
748ddb6e9859dcf3-LHR
pragma
no-cache
date
Sun, 11 Sep 2022 05:03:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYwakJIODxjqjLvdJJh7dSqJRPMEsBGLTgQSW0dYUKpzBTomAgJlR%2BGaggjtG%2Br6tw0F22b3pld7dIzlPhysFA7h2vzEjdnUoUAx5of%2Bx057uMp8wU7nC%2ForcoVzUAMHydu3BVhaD4VmFw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfIa_2Yav7u1Dz9l8hjw0&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 905E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJbT5UHZTte2oRTgcui8wN4&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJbT5UHZTte2oRTgcui8wN4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIqco5cCELCmr98CGPWZ0dIBMAE&v=APEucNXmkd1jV-tHgBReEExpMH4_Z-k5emUUZm12NB2WdRWvntZRnwkyjWFHICQPyt2tIyHLDAufSDqsDhEK72-Zvm172czYP3GfhSnfYHumUDHYIUDz-3bRM9KOAK0bgrAyD1J89yIWRGijWBzMiESzoQgwuTRmzReRYKEJC0jdKSnI6c2K8TQ
Protocol
HTTP/1.1
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:28 GMT
X-Proxy-Origin
217.138.196.108; 217.138.196.108; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
ca135ce8-9d70-4fd6-aa67-a7e55aac4a13
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJbT5UHZTte2oRTgcui8wN4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 905E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg2MDA3MTk2NDQzMjQ4NTM1NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg2MDA3MTk2NDQzMjQ4NTM1NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIqco5cCELCmr98CGPWZ0dIBMAE&v=APEucNXmkd1jV-tHgBReEExpMH4_Z-k5emUUZm12NB2WdRWvntZRnwkyjWFHICQPyt2tIyHLDAufSDqsDhEK72-Zvm172czYP3GfhSnfYHumUDHYIUDz-3bRM9KOAK0bgrAyD1J89yIWRGijWBzMiESzoQgwuTRmzReRYKEJC0jdKSnI6c2K8TQ
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:03:28 GMT
X-Proxy-Origin
217.138.196.108; 217.138.196.108; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
f147d1d2-5e8e-4228-b171-5b9fed1ee9a6
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg2MDA3MTk2NDQzMjQ4NTM1NA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1BB1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220907&jk=574968481285100&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 3EBD 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 07:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76352
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 11 Sep 2022 07:50:56 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/ Frame 3EBD 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AX7wMy3SviB8Ke_tlsBealo0wktUfR9is3vjfP7nnXQmDK6c6wadmdBrmDP4N6Ye_Y34DTTu1YedMyOpNPxy__O584LU7_ALbmwV15nI1NPQBWE3qsvgRaEB8m04qjbbjAVS6N560-esxLbzs3wPG1FORZdj2G1r3PICCkhypCI9XRQps&cry=1&dbm_d=AKAmf-CpX2ryS6G17wxRjXQm08SAHvynSkBBOxIutvMTPWzVkNqre_gLU15qwNUVthfS4i48auEMPVKQHsrtb3_3DmLUuLrkYJ4K2N8W0AgBgaXgA9FJrouEXyFnJ0v66L8FTMeFy1t5Bw7nwpFDSGTu8F69hQnWQGPfboRcQzZs4WriYlQbOtsBMFHimmL1LWWtV0LCSBXHCbrfCybocjM24MtHiXhDRAbNgj0hfo1PUWeaoSB3IJ_E9I7WrpuTDaU1u8B_WWN3kLavKltPvfYMDiZuQSXcMdookAzIXo4iaqkhBV50gJiA2FGfalQ8pqG2wdWQX7yFD-BlkeAWkGzgNsXBoeEIXEhHnx2085kzfyoOxjCRc64_3vrGs5-QyF9AbiEp4eXeOTqpo9cLCbjNth-xgPfODq2xel7Fy7A3_lG87Ux2URXdJUWFQnRILpW8pkX9f7_F0m1lj0hQaY5FGNEC6WS5CS834fhNUBJhDhYJHIovCi8P1fG6qTFk0Z_mEyEf2RVxZZH8Z0Jy6c50fzpLfcm8dlVp8Dhrc7oosrowhyuivEmlRh20miv4Bb0GNuRnePErUqRK9QESHP9-HxHWtGkTnstaCcWiBqbtMyAFbSsIjLqcQoKK5gr0fIGcRYI7uzK9r9YFnaLmb78qsM0uSBE_Aci3mTAhMk11o1-GErJXEV7dG-qAji4bFy-S9KZLohNf1y68CD83bNW_gMru6pp4WZBJZRgx4rPt8Hg2WVom7d2IFJb2je3CiAjG8LC1ht3HuVFHY6iKWcXvxySQ2c52ckumX-GSzZg0plTTyxl8wS0M0KIcFqUVHHjZSx9YczdQdIJXXEUJwcda_w-hAac4TYKCOFvIqsR3kyXaOscLuwDheJA6RBBwAPqVbo0vIYUaNAdjdf41ReMUI4tB1lhrh8THGf3RxGTQOfgJn0NdGg-5_cx28J_faFbRxWVU8P9mvO-_ihLA9e9cCz_qI_5Pmf9WrjyXYiLmznZ8GAjsdPEd4YgH7QYqh_7fGfq6wndCc7Dg17hOO8CSrk9PkvKkPaHXvGGdiibawljeCcmw0nu4E4G9H6x_4DJNt0esNabxaQYEKCrOPU9eQFb1PodSzLpyq6DyyWGl7HtqVlYGM9kpEwUVVkMfBM8lynQqRxGqKk9cR7wK0Kc75iFxP-0fMHX6_SwejBhH3RAjZE43-zAYEjFPR2S81reZwR65hfwzEnonBoUHR7MpPS5ejHh-hd5NWd3xrznJFDiCbrdKd7oOx8xkvs_tMdgrvtycJ_qCjzgGILjcpXjMbds10B4TajrvlFLglXZAUojsGK4OoRt8wUu3f7uE30azq7vkuXtTbZZvqeHfSfClZ3kDoX-wnYcV9HnWPVQIkHUUUASK905eGq25I7oKe9uX70sPhDfnCLdSx1mV7yb8kX7q_HJ7VS3ikT9Coq-LggyGq48OPa92_yIPHhPzdz7mNWUbNW2o6eCsKoCnlkTJXc8Yi_yBFlci6bfYsqxK5omgCTZiq-679LrmkA7IMSGe5E0UOHjo3uJwasc2YEEHMG4vVOCplkVC0REAa0Hx8Y-GqgZYq9Re5dE30yla2nF2g8ONnvzPUg19JpRCghGVCOKevivtXeFXFluJDfMQweyQJygEEu00k8Rt4fbU2yHWdoDAjFKm59hnuyEwMU4Orza-aWDSb8yt19nt2ivVH573exWXvxCM4SVpP4LEMHt6GM6NDrUD7VkKRNWCl14mU-FSLwQynBVoEk3kpm5r7t-Fbpor2ezSl3V34cV6J-f3DB_6BVpx4MkCRU-x7NFQh0V_ZMItETJFYyw6QNym2c0dCv1CoTWEw5MYlQWrjDTkKjvH7i5-a3CkE7T-uHjBzuBsN4T3viFSfuU3pjcpVPOd_QuGDTErKokw1FQYZdl_N8yti4XGkRkenQO7VdZeQqVKZ7stE1KLscc5kEGEOhGoThKh1hMopUqRmadBP1fTZh8Icm_l9CsWwyqGaHpWRHQ2Hh0sl88Wlp_cT6RWK570TCxhibichfdFQWTg_ydUFdHDNftKJw0dq_k8FUbDzcanPGuwsFEh5SrBCupYGA5iaXbwFS08v02BM10rH6KvpdLlqoTm68SQlO69tmUXIKLwPxaLY1nPpNaYqP5QRYhQKo-UJEagoxAolMMdVw_EmYLlXJR2Hg0hfdPRegg1luwoeArA2BvxUCJMJN7MvtWJUYFetRAGkszD27PpBHGSUSTEpE4ZU82J8DsGW9oMPKC22R-dd9yXgg2aLy0YMBS88NTFXdtB6r8ddE-8c9u6Bgc16c8qJuw2TjCJhLxyVZFljf4UZ2_S9OR9VMkwz7ao_LcdLShK3KHRIYGYDl74c0WjUtW2lVLgl_K0NKKOsHizjD44AGdK3eBJP8k7Pqxew3pBGcTZK7OibFFF84VfTIwTi66Ho4jQltMUSYeQJIjF6DSqHL3q43Yr3ls7ONbldEvdds5p-oU6XID9IEvmHQsgNLiAciFgq_rZb0VWQUnuY-zAsEMWDKKVknaxZsNeKuwggdorDl7N_GdrbC7aZ-tBRQE2PvtPP_FDkrqdUVB85hPwuk7_OHuHRmCZwi29zbNwmNyUaccTdYRKpVg9iPJ4J40ckp2cMVS9Gm88JUtjGzG1dXbqHKS-G2QXoImFJC8UqZ4yP4cMLSVfPylr5xKL9zLhwkffhVtH6eZRPHCz1xig1AV9_fnW-A7v5T265cbX1r_OO7SXu3gv3DK0HUrY1GFFajYKlkjGiV2h_PBTfVu7dhlHXIbiw62Qn73dRJsdnt6UCbZjJzfZAAtEoh2cv0HmRo_gCScpGZN7jih3Hlgp7IJxANy-eh8OwJClfl1wViwK27DxD84QnMw55lIKVLJgVCebDKW17MIMCz23Upqdzazct5dudhUqbgLSpK_yicAfam_UlJXdKgWZ9WMkKCUczPrjuLRbf-F9C1lr_eYmg5KtWWO1nPkYY1KFwe04OpQDs6ocbxgN49ZHxq-m3BdxXlBSIAiW1Iw6XIqRRlL_kskDATTJBwcuzUwZopBThV-3DctZk-z8gSSQjxhHWwaQ4DsU2xVenpnbpBv3CHQfZHQ1KoTbPiokQg3-DqxH7uDPIsLrEUrHCbc3x6P8u7xzx1RcqW2dn2RboSAeWu9lKNnP7wbSen4Lm4vzZ5eFFZHyLgr3dqF8qqvr4HyOpRzqKkAuVihKMe5qmxLwUWdPl51VzCIBhvEtgupwCEmWukOPaA-JzdIB-hugjQGNlZiq9zgDYWaCWV-wJxmwgdAsPDS_HLm6VbUscwgxmZPEoAIChxsuSEyV3aYIbtHs8uAfN8TilJ_CpNyaPbM1-Tic3eM_fSql1kEeoXhslnhpqw4rx2yzQKXbmEBqC2KrBf5bb7ygFIclDGsahjf01xv1j_Z4Y-1nKEvgDZOKMq5KQJAhjj_zHvbnbpQwUsVS0waXuENumsmYgHaBBDTu7fDkityJno8-Ij9TAN-Cgm7dEAipz1ieV_sDAFvPrsnzdBU1V9VHs3N3KJzxnEEJBjv2EYnvgnzK-pEfih8kZ4tEFG9yd0682fl42rwFlmAUtfTJ&cid=CAASJORouRNOyrIy344Eb8umm5Te1-hkXH-BuPOnGHjuhaGuF2tpZyAN&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Sep 2022 05:00:03 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 3EBD 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AX7wMy3SviB8Ke_tlsBealo0wktUfR9is3vjfP7nnXQmDK6c6wadmdBrmDP4N6Ye_Y34DTTu1YedMyOpNPxy__O584LU7_ALbmwV15nI1NPQBWE3qsvgRaEB8m04qjbbjAVS6N560-esxLbzs3wPG1FORZdj2G1r3PICCkhypCI9XRQps&cry=1&dbm_d=AKAmf-CpX2ryS6G17wxRjXQm08SAHvynSkBBOxIutvMTPWzVkNqre_gLU15qwNUVthfS4i48auEMPVKQHsrtb3_3DmLUuLrkYJ4K2N8W0AgBgaXgA9FJrouEXyFnJ0v66L8FTMeFy1t5Bw7nwpFDSGTu8F69hQnWQGPfboRcQzZs4WriYlQbOtsBMFHimmL1LWWtV0LCSBXHCbrfCybocjM24MtHiXhDRAbNgj0hfo1PUWeaoSB3IJ_E9I7WrpuTDaU1u8B_WWN3kLavKltPvfYMDiZuQSXcMdookAzIXo4iaqkhBV50gJiA2FGfalQ8pqG2wdWQX7yFD-BlkeAWkGzgNsXBoeEIXEhHnx2085kzfyoOxjCRc64_3vrGs5-QyF9AbiEp4eXeOTqpo9cLCbjNth-xgPfODq2xel7Fy7A3_lG87Ux2URXdJUWFQnRILpW8pkX9f7_F0m1lj0hQaY5FGNEC6WS5CS834fhNUBJhDhYJHIovCi8P1fG6qTFk0Z_mEyEf2RVxZZH8Z0Jy6c50fzpLfcm8dlVp8Dhrc7oosrowhyuivEmlRh20miv4Bb0GNuRnePErUqRK9QESHP9-HxHWtGkTnstaCcWiBqbtMyAFbSsIjLqcQoKK5gr0fIGcRYI7uzK9r9YFnaLmb78qsM0uSBE_Aci3mTAhMk11o1-GErJXEV7dG-qAji4bFy-S9KZLohNf1y68CD83bNW_gMru6pp4WZBJZRgx4rPt8Hg2WVom7d2IFJb2je3CiAjG8LC1ht3HuVFHY6iKWcXvxySQ2c52ckumX-GSzZg0plTTyxl8wS0M0KIcFqUVHHjZSx9YczdQdIJXXEUJwcda_w-hAac4TYKCOFvIqsR3kyXaOscLuwDheJA6RBBwAPqVbo0vIYUaNAdjdf41ReMUI4tB1lhrh8THGf3RxGTQOfgJn0NdGg-5_cx28J_faFbRxWVU8P9mvO-_ihLA9e9cCz_qI_5Pmf9WrjyXYiLmznZ8GAjsdPEd4YgH7QYqh_7fGfq6wndCc7Dg17hOO8CSrk9PkvKkPaHXvGGdiibawljeCcmw0nu4E4G9H6x_4DJNt0esNabxaQYEKCrOPU9eQFb1PodSzLpyq6DyyWGl7HtqVlYGM9kpEwUVVkMfBM8lynQqRxGqKk9cR7wK0Kc75iFxP-0fMHX6_SwejBhH3RAjZE43-zAYEjFPR2S81reZwR65hfwzEnonBoUHR7MpPS5ejHh-hd5NWd3xrznJFDiCbrdKd7oOx8xkvs_tMdgrvtycJ_qCjzgGILjcpXjMbds10B4TajrvlFLglXZAUojsGK4OoRt8wUu3f7uE30azq7vkuXtTbZZvqeHfSfClZ3kDoX-wnYcV9HnWPVQIkHUUUASK905eGq25I7oKe9uX70sPhDfnCLdSx1mV7yb8kX7q_HJ7VS3ikT9Coq-LggyGq48OPa92_yIPHhPzdz7mNWUbNW2o6eCsKoCnlkTJXc8Yi_yBFlci6bfYsqxK5omgCTZiq-679LrmkA7IMSGe5E0UOHjo3uJwasc2YEEHMG4vVOCplkVC0REAa0Hx8Y-GqgZYq9Re5dE30yla2nF2g8ONnvzPUg19JpRCghGVCOKevivtXeFXFluJDfMQweyQJygEEu00k8Rt4fbU2yHWdoDAjFKm59hnuyEwMU4Orza-aWDSb8yt19nt2ivVH573exWXvxCM4SVpP4LEMHt6GM6NDrUD7VkKRNWCl14mU-FSLwQynBVoEk3kpm5r7t-Fbpor2ezSl3V34cV6J-f3DB_6BVpx4MkCRU-x7NFQh0V_ZMItETJFYyw6QNym2c0dCv1CoTWEw5MYlQWrjDTkKjvH7i5-a3CkE7T-uHjBzuBsN4T3viFSfuU3pjcpVPOd_QuGDTErKokw1FQYZdl_N8yti4XGkRkenQO7VdZeQqVKZ7stE1KLscc5kEGEOhGoThKh1hMopUqRmadBP1fTZh8Icm_l9CsWwyqGaHpWRHQ2Hh0sl88Wlp_cT6RWK570TCxhibichfdFQWTg_ydUFdHDNftKJw0dq_k8FUbDzcanPGuwsFEh5SrBCupYGA5iaXbwFS08v02BM10rH6KvpdLlqoTm68SQlO69tmUXIKLwPxaLY1nPpNaYqP5QRYhQKo-UJEagoxAolMMdVw_EmYLlXJR2Hg0hfdPRegg1luwoeArA2BvxUCJMJN7MvtWJUYFetRAGkszD27PpBHGSUSTEpE4ZU82J8DsGW9oMPKC22R-dd9yXgg2aLy0YMBS88NTFXdtB6r8ddE-8c9u6Bgc16c8qJuw2TjCJhLxyVZFljf4UZ2_S9OR9VMkwz7ao_LcdLShK3KHRIYGYDl74c0WjUtW2lVLgl_K0NKKOsHizjD44AGdK3eBJP8k7Pqxew3pBGcTZK7OibFFF84VfTIwTi66Ho4jQltMUSYeQJIjF6DSqHL3q43Yr3ls7ONbldEvdds5p-oU6XID9IEvmHQsgNLiAciFgq_rZb0VWQUnuY-zAsEMWDKKVknaxZsNeKuwggdorDl7N_GdrbC7aZ-tBRQE2PvtPP_FDkrqdUVB85hPwuk7_OHuHRmCZwi29zbNwmNyUaccTdYRKpVg9iPJ4J40ckp2cMVS9Gm88JUtjGzG1dXbqHKS-G2QXoImFJC8UqZ4yP4cMLSVfPylr5xKL9zLhwkffhVtH6eZRPHCz1xig1AV9_fnW-A7v5T265cbX1r_OO7SXu3gv3DK0HUrY1GFFajYKlkjGiV2h_PBTfVu7dhlHXIbiw62Qn73dRJsdnt6UCbZjJzfZAAtEoh2cv0HmRo_gCScpGZN7jih3Hlgp7IJxANy-eh8OwJClfl1wViwK27DxD84QnMw55lIKVLJgVCebDKW17MIMCz23Upqdzazct5dudhUqbgLSpK_yicAfam_UlJXdKgWZ9WMkKCUczPrjuLRbf-F9C1lr_eYmg5KtWWO1nPkYY1KFwe04OpQDs6ocbxgN49ZHxq-m3BdxXlBSIAiW1Iw6XIqRRlL_kskDATTJBwcuzUwZopBThV-3DctZk-z8gSSQjxhHWwaQ4DsU2xVenpnbpBv3CHQfZHQ1KoTbPiokQg3-DqxH7uDPIsLrEUrHCbc3x6P8u7xzx1RcqW2dn2RboSAeWu9lKNnP7wbSen4Lm4vzZ5eFFZHyLgr3dqF8qqvr4HyOpRzqKkAuVihKMe5qmxLwUWdPl51VzCIBhvEtgupwCEmWukOPaA-JzdIB-hugjQGNlZiq9zgDYWaCWV-wJxmwgdAsPDS_HLm6VbUscwgxmZPEoAIChxsuSEyV3aYIbtHs8uAfN8TilJ_CpNyaPbM1-Tic3eM_fSql1kEeoXhslnhpqw4rx2yzQKXbmEBqC2KrBf5bb7ygFIclDGsahjf01xv1j_Z4Y-1nKEvgDZOKMq5KQJAhjj_zHvbnbpQwUsVS0waXuENumsmYgHaBBDTu7fDkityJno8-Ij9TAN-Cgm7dEAipz1ieV_sDAFvPrsnzdBU1V9VHs3N3KJzxnEEJBjv2EYnvgnzK-pEfih8kZ4tEFG9yd0682fl42rwFlmAUtfTJ&cid=CAASJORouRNOyrIy344Eb8umm5Te1-hkXH-BuPOnGHjuhaGuF2tpZyAN&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 04:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11782
x-xss-protection
0
server
cafe
etag
11425859616848618248
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Sep 2022 04:59:19 GMT
p
a.audrte.com/ Frame CA4F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=42eDBeW2uUqTHSxgiL7WaYrMg&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=42eDBeW2uUqTHSxgiL7WaYrMg&gdpr=0&gdpr_consent=&google_gid=CAESEK6dH_bKjrZMyjQZF1W0U_o&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:28 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 11 Sep 2022 05:03:28 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame CA4F
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7212381495254490937
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:28 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 11 Sep 2022 05:03:28 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame CA4F 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=42eDBeW2uUqTHSxgiL7WaYrMg&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:28 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/ Frame 42EC 		345 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02567b181cb4cf10c1c1a13c3508712f613c27bd66cccf6127e6cab293c739e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124233
x-xss-protection
0
server
cafe
etag
1592125900519903390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 05:03:28 GMT
dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
pagead2.googlesyndication.com/bg/ Frame 87BA 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 05:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15929
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 05:05:47 GMT
dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
pagead2.googlesyndication.com/bg/ Frame 0BB9 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 05:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15929
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 05:05:47 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7DAB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 11 Sep 2022 05:03:28 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9750 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGI-UoMwBMAE&v=APEucNXsaNeWJ7_LVWtqXCHaYhF31zaP-HN6Ih0E0359GBrsQBy5wj6kpWyzhvlza0RqnBFnDkCoOr_LmU51pG4SkKW3tOfgeQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820291&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607985&bpp=13&bdt=189&idt=349&shv=r20220907&mjsv=m202209070101&ptt=5&saldr=sa&correlator=4489981154306&frm=8&ife=1&pv=2&ga_vid=2065867608.1662872608&ga_sid=1662872608&ga_hid=439247939&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2937035847&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069447%2C31067826&oid=2&pvsid=772274268420186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.m0alyncmwn2u&fsb=1&dtd=363
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820291&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607985&bpp=13&bdt=189&idt=349&shv=r20220907&mjsv=m202209070101&ptt=5&saldr=sa&correlator=4489981154306&frm=8&ife=1&pv=2&ga_vid=2065867608.1662872608&ga_sid=1662872608&ga_hid=439247939&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2937035847&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069447%2C31067826&oid=2&pvsid=772274268420186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.m0alyncmwn2u&fsb=1&dtd=363
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 05:03:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 4E4E 		70 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dz6uvPzieEznXMCdPBN6BfF_MXrSxWjAmkA_xR6iKR611lvyRw5P9WVAYGtQ43c5ncdKldTImJHBRfp4MOD8IQaqLnQg&cry=1&dbm_d=AKAmf-C96mhgnmjXMlleUWxutu6grVDouWhQIGHbwWL7cHYwhnHQXs5RcVM1qVFEr2wCmR-2280L2K5B7HAz-dcrl7_R86PB1V3HW0_HaKd2U22c1MvU0Yc5txaJFwuq1Erof_NNeyskxWSXf-n22o_UcpyIt5oVarIQe5yv-dpi8Wo0BTClquS63wUiamB7qFbm4leNDcTZP4ghzXICKMgQMqS_IypwK9g1la3URKAaJNCDZWz68-VMwpzHKffhoTW5j9lzyuICzrrkICOOx9FNlpOZp2NfgI0N8zDkXrbEU0Qpd1-hd1RaP5UaFkaNn50y3D7YPwgBRvfaakKPa01z92MfvYIdnLDwq3vQxD2LDYoD4COF5_owZKfqu7slvUhMau_LGRNTO0eu5j1rVNtmAuuaqgcWHS9s-SmN9hJJzLdUew-wHG5t4aRZbxdTvXP-sJMBHCU6n0UGTlrMk_MXMGutOnMuHborYPDsjZOPtf4lLeMM5zB8XBSa1pPZ9e9NAVu0XpYNfS9VaYMQHymsNbIaNYUcjcbqyrtOu7y1tQX8wxdPsjaHopvi8bJwR9pJFUaymoAj6p5PJCX-AWwkD-CEIvWeePf7heU_bjgK5OxM2JD7oqU30KUMxa1OFO7QO4xaEQ-iwmqJXrvAFb5IrPPke_1om2-5CIv5u_oS2eGFrFjZhzrOwJE_gApurEilN8Aq82_1O5wrlhejSKQoJEF0qPy0gPBqEEYsSmD3LG2d5mYGbT9fstvf2BPc_kT85riXZCaNWIXuX-GNmN8Ts33_zErLzfmX2z_gpoL2FgiJeQFE-HAIdtKebRWi9dY5qNu7Mz2ddJQStMJNA5OTQ_64x5JjsYgRSMtpz9MkRX9T1Y9RDBiuPtQUakeYf7wFu7UQAveqCQMv2mnKT85Ni10fgkU144dc1Vn9IY_OxEiOWAADpUKOZYDWwAN0Py8h8I6q5G9Q4vwID13F_0DYlt-kI3CSyEXZS0F8nSTQz8Jf2g9lbHgD_GTAULRp9DK2fhbb9qk4Gjm1GsIq-eV4I0BZzZB-sRUD2fjAyPeSAdmWUpFEqebObBYC57-duw1emJ1dByvaeYqZMXQ_jI9qULFaei53C9eHTKMXnwERKbTRMXGCuypecKGF3wAiXOAnqNgoPzwtIU1BLiZc8E67Guaj59xu6SxH8tvlV3XB4M5UpgpZP9F6Ipv6ZO5MywhLXAK591y8QQx9PZCsR67qBYoYnQhWHJMbQPjUXGI6n_g_GgVFq-pJLhS1qI7V0SOEWrIuCO9LTMIyb-qoA-kWTNVmfhQsF5FKNuGDSKzTGf6UhPgjebLS03azmUbea1Ce17jQqdKx51GUoN9LlBGaHuByosh6_GrfYpBTHWUe2QmZM38Or2IpHgoUhn7L0NiNwMcM6B_QaEnEYb5kgoOR7mgniWkFJCeK3MN8QtBmlKiezDF1YkoxloViMXF7kJlnhfOp9-77SxufGes6CofNQn6gA6S0wCQf6sT5KfoFSV8Ul5jsmrdYrGN7U0XuQZ-k1iMIS9qPBd36hwRN57nqOVXSHOOIlX6308djFXTlj0MSqcetr_d2PkiLNzu2VfMOIxIw_Fgs9eoO1836TJAElY84RSJumndcRft_hWZbI0tMaXx59KI3oTG3rONnkYEcrVNrjyRhXkZLMUwV4c38TkKOE_5_ah6pO1ji90T3n6LKFgKMLO0BcCY5sQodPh-TSIr7-zWJrBdKm6h_ikTzwaDhZ6sVp0jPPCUnlcd5-VviLG2hPsmP9ZsUqfGGpI_Ma6CNyCKCYmwbiyllp9Yk1GOiMnL_-piZlYL-rCd44pmPz15Hk4GFO6HMiOBlsP8-uUHWSSOE_f0PCt_s0B8MPRBIiVeD9CLIfpeR4-tM8kRFhOJheQH7l6iMb-vDma7POyNnuKP_t_qZkWSotPSzAPcr3OUS24fj0OqQoh2Z4PXuAeMf7gGSATKEXChGosagFyNgQcSNXr2hFY1CZ9EJeJyx884Vxfh_xHGtw7t8WIIg3A-dU0SvqE2BGBp6DOPuMfGAdyTRVftY4ItuHhfvWZg_hlFIZOdPLhYV8hJRfRFzxlQ63g8UtXo2mim-4p-GMYArDhvyxnV2ZXVIUHTULXvow3C6Mfokrg49v34ZorHo7quIh6S_xjXr_2DzvQqeXehQF3zhMLVfNAY2HZmB0U6g2--zLuTSfGldpPIn0NOk7CeE29XdphH6Y0UR-YJRAJUGwPqR1DYsV4sLefLrr2zFFV0kMpgSvppjRNOttJMaw_k5LZvNvkzyRcqVY34KYcYTNuBAH44aQypz5FbEH85QA37Hv0zw0pVvw2YVrNxTDjlPakJJV1DfPIQnHglhHJg9qs4clOYM2GW5BnRO0LrTGgrs-OnksX1sKTgYXZPOP6vUHTyCK_C5X1-PGdPiy1iYi1_IyTNHWDfVueU9p8c-_8BpQcRKcu_8D4Mgst54b5c-IbKgpxWujW9OakEi3SUR0VqYTlf6l9my2oXyoQPS9Nq6mfk009UE10fWUFBaD7SXXgsoJE4JBbYieRuYTrArDF52HxmeKL0lKkxLsEHOAT2NnevDAnGM_8MgkjmjJ2j7dAeyMP3GV199LvfoTiJaW0HUW0JJyuQdNfo4dk5kpg-z5YSEzJ7YzRL_keziXvpRwkr9LaDvp2Y26Zwujvj5ohQkJt3v5h69fLcAnzaEGrVda3LE86rEPKsJG5vrzImqVvwTu5nVuKnTQqBK3rquL21iLrDWv4Izo12XGhfTcelRFFM25AD-_-iRmVOMylSCPIOLwpjNMY4uEswUrERjmzhBIUVFdI5jcJL7RT19_v5yADY4fzUGA6DFRSSR0233dJu5SRdXu6mOyJAc1yuQdLEixP2nSmK0pLaBMe9NtdoaSw7KXkElw3eqbfVojvso5cBrPL_uAd5sni2hQiWC0HNiidKTxZO0kXN1sTl6D_r0zZJg3JOBzwgNwcFdNlvwemtYZcyU1d27AJAvOLXtrRl0TFjOP_0w5MwzQX5PeBQnkEefV-9v9VZEC7hpfmiuBJeEVZsYP8I0DLHsqE524Wg2&cid=CAASEuRoiGcRsHyxqIqizy4eWwa_5iAN&rfl=4%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2C%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17baf7b8788b848390db0525181b96f9a7c0e026d691c337cecda415d4a68706
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820291&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607985&bpp=13&bdt=189&idt=349&shv=r20220907&mjsv=m202209070101&ptt=5&saldr=sa&correlator=4489981154306&frm=8&ife=1&pv=2&ga_vid=2065867608.1662872608&ga_sid=1662872608&ga_hid=439247939&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2937035847&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069447%2C31067826&oid=2&pvsid=772274268420186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.m0alyncmwn2u&fsb=1&dtd=363
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33193
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 4E4E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820291&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607985&bpp=13&bdt=189&idt=349&shv=r20220907&mjsv=m202209070101&ptt=5&saldr=sa&correlator=4489981154306&frm=8&ife=1&pv=2&ga_vid=2065867608.1662872608&ga_sid=1662872608&ga_hid=439247939&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2937035847&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069447%2C31067826&oid=2&pvsid=772274268420186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.m0alyncmwn2u&fsb=1&dtd=363
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 04:55:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
476
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Sep 2022 04:55:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4E4E 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820291&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607985&bpp=13&bdt=189&idt=349&shv=r20220907&mjsv=m202209070101&ptt=5&saldr=sa&correlator=4489981154306&frm=8&ife=1&pv=2&ga_vid=2065867608.1662872608&ga_sid=1662872608&ga_hid=439247939&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2937035847&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069447%2C31067826&oid=2&pvsid=772274268420186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.m0alyncmwn2u&fsb=1&dtd=363
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 11 Sep 2022 05:03:28 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 4E4E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820291&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607985&bpp=13&bdt=189&idt=349&shv=r20220907&mjsv=m202209070101&ptt=5&saldr=sa&correlator=4489981154306&frm=8&ife=1&pv=2&ga_vid=2065867608.1662872608&ga_sid=1662872608&ga_hid=439247939&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2937035847&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069447%2C31067826&oid=2&pvsid=772274268420186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.m0alyncmwn2u&fsb=1&dtd=363
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 04:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Sep 2022 04:44:19 GMT
l
www.google.com/ads/measurement/ Frame 4E4E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTI4xM7YPX-qY1nn4tissVN70zcCNpngcCh59Jh--830U2k1JLur3nnq5IK8M9y0S222mAkc9iO8mml_02ZQ8WqHTCuxg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820291&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607985&bpp=13&bdt=189&idt=349&shv=r20220907&mjsv=m202209070101&ptt=5&saldr=sa&correlator=4489981154306&frm=8&ife=1&pv=2&ga_vid=2065867608.1662872608&ga_sid=1662872608&ga_hid=439247939&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2937035847&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069447%2C31067826&oid=2&pvsid=772274268420186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.m0alyncmwn2u&fsb=1&dtd=363
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E4E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CyTSk1oih4fFo-PzmzMRZZoA63LDS_-Rsa-Kt6HdKDh1RVvH-w1pc4wEqYHGAd_-iRmgIHUyzCKd8kQpqGSGc1G1swM_er23U2u_ZTPmWDeZD5z-A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820291&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607985&bpp=13&bdt=189&idt=349&shv=r20220907&mjsv=m202209070101&ptt=5&saldr=sa&correlator=4489981154306&frm=8&ife=1&pv=2&ga_vid=2065867608.1662872608&ga_sid=1662872608&ga_hid=439247939&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2937035847&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069447%2C31067826&oid=2&pvsid=772274268420186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.m0alyncmwn2u&fsb=1&dtd=363
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ptrack
a.audrte.com/ Frame 0A5D 		368 B
881 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=217.138.196.108&p=M1353665098&artime=2022-09-11T05:03:28.891Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9kdT1odHRwcyUzQSUyRiUyRnN5bmMuYWR0ZWxsaWdlbnQuY29tJTJGY3N5bmMlM0Z0JTNEYSUyNmVwJTNEMzA3OTcxJTI2ZXh0dWlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
cbd7a0d6e58be879a1b79769baf5809dd9fc0d7c6bcaf2963f50d3430dee6675

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:28 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3EBD 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1662872607&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607550&bpp=3&bdt=579&idt=290&shv=r20220907&mjsv=m202209070101&ptt=9&saldr=aa&cookie=ID%3D751e6751d6873f80-22b6aa111cce0065%3AT%3D1662872607%3ART%3D1662872607%3AS%3DALNI_MaOImMqUWnZ-jCm41xmAMghjPL3Vg&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1498404390&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=919&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069447%2C44770880%2C44771548%2C44773261&oid=2&pvsid=574968481285100&tmod=2012896911&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.k8h437cfmvxd&fsb=1&dtd=302
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
222249
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Sep 2023 15:19:19 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 414B 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1662872607&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607550&bpp=3&bdt=579&idt=290&shv=r20220907&mjsv=m202209070101&ptt=9&saldr=aa&cookie=ID%3D751e6751d6873f80-22b6aa111cce0065%3AT%3D1662872607%3ART%3D1662872607%3AS%3DALNI_MaOImMqUWnZ-jCm41xmAMghjPL3Vg&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1498404390&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=919&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069447%2C44770880%2C44771548%2C44773261&oid=2&pvsid=574968481285100&tmod=2012896911&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.k8h437cfmvxd&fsb=1&dtd=302
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
84682
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 05:32:06 GMT
etag
48472445140208031
expires
Sun, 11 Sep 2022 05:32:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame 42EC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 05:03:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 42EC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 05:03:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F4C8 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155823868&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872608591&bpp=12&bdt=234&idt=372&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=8319949371909&frm=8&ife=1&pv=2&ga_vid=1033675270.1662872609&ga_sid=1662872609&ga_hid=1022233842&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=683743404&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=1548045983190275&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.k1jx1vqmbihy&fsb=1&dtd=377
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 05:03:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 4E4E 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dz6uvPzieEznXMCdPBN6BfF_MXrSxWjAmkA_xR6iKR611lvyRw5P9WVAYGtQ43c5ncdKldTImJHBRfp4MOD8IQaqLnQg&cry=1&dbm_d=AKAmf-C96mhgnmjXMlleUWxutu6grVDouWhQIGHbwWL7cHYwhnHQXs5RcVM1qVFEr2wCmR-2280L2K5B7HAz-dcrl7_R86PB1V3HW0_HaKd2U22c1MvU0Yc5txaJFwuq1Erof_NNeyskxWSXf-n22o_UcpyIt5oVarIQe5yv-dpi8Wo0BTClquS63wUiamB7qFbm4leNDcTZP4ghzXICKMgQMqS_IypwK9g1la3URKAaJNCDZWz68-VMwpzHKffhoTW5j9lzyuICzrrkICOOx9FNlpOZp2NfgI0N8zDkXrbEU0Qpd1-hd1RaP5UaFkaNn50y3D7YPwgBRvfaakKPa01z92MfvYIdnLDwq3vQxD2LDYoD4COF5_owZKfqu7slvUhMau_LGRNTO0eu5j1rVNtmAuuaqgcWHS9s-SmN9hJJzLdUew-wHG5t4aRZbxdTvXP-sJMBHCU6n0UGTlrMk_MXMGutOnMuHborYPDsjZOPtf4lLeMM5zB8XBSa1pPZ9e9NAVu0XpYNfS9VaYMQHymsNbIaNYUcjcbqyrtOu7y1tQX8wxdPsjaHopvi8bJwR9pJFUaymoAj6p5PJCX-AWwkD-CEIvWeePf7heU_bjgK5OxM2JD7oqU30KUMxa1OFO7QO4xaEQ-iwmqJXrvAFb5IrPPke_1om2-5CIv5u_oS2eGFrFjZhzrOwJE_gApurEilN8Aq82_1O5wrlhejSKQoJEF0qPy0gPBqEEYsSmD3LG2d5mYGbT9fstvf2BPc_kT85riXZCaNWIXuX-GNmN8Ts33_zErLzfmX2z_gpoL2FgiJeQFE-HAIdtKebRWi9dY5qNu7Mz2ddJQStMJNA5OTQ_64x5JjsYgRSMtpz9MkRX9T1Y9RDBiuPtQUakeYf7wFu7UQAveqCQMv2mnKT85Ni10fgkU144dc1Vn9IY_OxEiOWAADpUKOZYDWwAN0Py8h8I6q5G9Q4vwID13F_0DYlt-kI3CSyEXZS0F8nSTQz8Jf2g9lbHgD_GTAULRp9DK2fhbb9qk4Gjm1GsIq-eV4I0BZzZB-sRUD2fjAyPeSAdmWUpFEqebObBYC57-duw1emJ1dByvaeYqZMXQ_jI9qULFaei53C9eHTKMXnwERKbTRMXGCuypecKGF3wAiXOAnqNgoPzwtIU1BLiZc8E67Guaj59xu6SxH8tvlV3XB4M5UpgpZP9F6Ipv6ZO5MywhLXAK591y8QQx9PZCsR67qBYoYnQhWHJMbQPjUXGI6n_g_GgVFq-pJLhS1qI7V0SOEWrIuCO9LTMIyb-qoA-kWTNVmfhQsF5FKNuGDSKzTGf6UhPgjebLS03azmUbea1Ce17jQqdKx51GUoN9LlBGaHuByosh6_GrfYpBTHWUe2QmZM38Or2IpHgoUhn7L0NiNwMcM6B_QaEnEYb5kgoOR7mgniWkFJCeK3MN8QtBmlKiezDF1YkoxloViMXF7kJlnhfOp9-77SxufGes6CofNQn6gA6S0wCQf6sT5KfoFSV8Ul5jsmrdYrGN7U0XuQZ-k1iMIS9qPBd36hwRN57nqOVXSHOOIlX6308djFXTlj0MSqcetr_d2PkiLNzu2VfMOIxIw_Fgs9eoO1836TJAElY84RSJumndcRft_hWZbI0tMaXx59KI3oTG3rONnkYEcrVNrjyRhXkZLMUwV4c38TkKOE_5_ah6pO1ji90T3n6LKFgKMLO0BcCY5sQodPh-TSIr7-zWJrBdKm6h_ikTzwaDhZ6sVp0jPPCUnlcd5-VviLG2hPsmP9ZsUqfGGpI_Ma6CNyCKCYmwbiyllp9Yk1GOiMnL_-piZlYL-rCd44pmPz15Hk4GFO6HMiOBlsP8-uUHWSSOE_f0PCt_s0B8MPRBIiVeD9CLIfpeR4-tM8kRFhOJheQH7l6iMb-vDma7POyNnuKP_t_qZkWSotPSzAPcr3OUS24fj0OqQoh2Z4PXuAeMf7gGSATKEXChGosagFyNgQcSNXr2hFY1CZ9EJeJyx884Vxfh_xHGtw7t8WIIg3A-dU0SvqE2BGBp6DOPuMfGAdyTRVftY4ItuHhfvWZg_hlFIZOdPLhYV8hJRfRFzxlQ63g8UtXo2mim-4p-GMYArDhvyxnV2ZXVIUHTULXvow3C6Mfokrg49v34ZorHo7quIh6S_xjXr_2DzvQqeXehQF3zhMLVfNAY2HZmB0U6g2--zLuTSfGldpPIn0NOk7CeE29XdphH6Y0UR-YJRAJUGwPqR1DYsV4sLefLrr2zFFV0kMpgSvppjRNOttJMaw_k5LZvNvkzyRcqVY34KYcYTNuBAH44aQypz5FbEH85QA37Hv0zw0pVvw2YVrNxTDjlPakJJV1DfPIQnHglhHJg9qs4clOYM2GW5BnRO0LrTGgrs-OnksX1sKTgYXZPOP6vUHTyCK_C5X1-PGdPiy1iYi1_IyTNHWDfVueU9p8c-_8BpQcRKcu_8D4Mgst54b5c-IbKgpxWujW9OakEi3SUR0VqYTlf6l9my2oXyoQPS9Nq6mfk009UE10fWUFBaD7SXXgsoJE4JBbYieRuYTrArDF52HxmeKL0lKkxLsEHOAT2NnevDAnGM_8MgkjmjJ2j7dAeyMP3GV199LvfoTiJaW0HUW0JJyuQdNfo4dk5kpg-z5YSEzJ7YzRL_keziXvpRwkr9LaDvp2Y26Zwujvj5ohQkJt3v5h69fLcAnzaEGrVda3LE86rEPKsJG5vrzImqVvwTu5nVuKnTQqBK3rquL21iLrDWv4Izo12XGhfTcelRFFM25AD-_-iRmVOMylSCPIOLwpjNMY4uEswUrERjmzhBIUVFdI5jcJL7RT19_v5yADY4fzUGA6DFRSSR0233dJu5SRdXu6mOyJAc1yuQdLEixP2nSmK0pLaBMe9NtdoaSw7KXkElw3eqbfVojvso5cBrPL_uAd5sni2hQiWC0HNiidKTxZO0kXN1sTl6D_r0zZJg3JOBzwgNwcFdNlvwemtYZcyU1d27AJAvOLXtrRl0TFjOP_0w5MwzQX5PeBQnkEefV-9v9VZEC7hpfmiuBJeEVZsYP8I0DLHsqE524Wg2&cid=CAASEuRoiGcRsHyxqIqizy4eWwa_5iAN&rfl=4%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2C%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 04:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11782
x-xss-protection
0
server
cafe
etag
11425859616848618248
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Sep 2022 04:59:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/ Frame 4E4E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dz6uvPzieEznXMCdPBN6BfF_MXrSxWjAmkA_xR6iKR611lvyRw5P9WVAYGtQ43c5ncdKldTImJHBRfp4MOD8IQaqLnQg&cry=1&dbm_d=AKAmf-C96mhgnmjXMlleUWxutu6grVDouWhQIGHbwWL7cHYwhnHQXs5RcVM1qVFEr2wCmR-2280L2K5B7HAz-dcrl7_R86PB1V3HW0_HaKd2U22c1MvU0Yc5txaJFwuq1Erof_NNeyskxWSXf-n22o_UcpyIt5oVarIQe5yv-dpi8Wo0BTClquS63wUiamB7qFbm4leNDcTZP4ghzXICKMgQMqS_IypwK9g1la3URKAaJNCDZWz68-VMwpzHKffhoTW5j9lzyuICzrrkICOOx9FNlpOZp2NfgI0N8zDkXrbEU0Qpd1-hd1RaP5UaFkaNn50y3D7YPwgBRvfaakKPa01z92MfvYIdnLDwq3vQxD2LDYoD4COF5_owZKfqu7slvUhMau_LGRNTO0eu5j1rVNtmAuuaqgcWHS9s-SmN9hJJzLdUew-wHG5t4aRZbxdTvXP-sJMBHCU6n0UGTlrMk_MXMGutOnMuHborYPDsjZOPtf4lLeMM5zB8XBSa1pPZ9e9NAVu0XpYNfS9VaYMQHymsNbIaNYUcjcbqyrtOu7y1tQX8wxdPsjaHopvi8bJwR9pJFUaymoAj6p5PJCX-AWwkD-CEIvWeePf7heU_bjgK5OxM2JD7oqU30KUMxa1OFO7QO4xaEQ-iwmqJXrvAFb5IrPPke_1om2-5CIv5u_oS2eGFrFjZhzrOwJE_gApurEilN8Aq82_1O5wrlhejSKQoJEF0qPy0gPBqEEYsSmD3LG2d5mYGbT9fstvf2BPc_kT85riXZCaNWIXuX-GNmN8Ts33_zErLzfmX2z_gpoL2FgiJeQFE-HAIdtKebRWi9dY5qNu7Mz2ddJQStMJNA5OTQ_64x5JjsYgRSMtpz9MkRX9T1Y9RDBiuPtQUakeYf7wFu7UQAveqCQMv2mnKT85Ni10fgkU144dc1Vn9IY_OxEiOWAADpUKOZYDWwAN0Py8h8I6q5G9Q4vwID13F_0DYlt-kI3CSyEXZS0F8nSTQz8Jf2g9lbHgD_GTAULRp9DK2fhbb9qk4Gjm1GsIq-eV4I0BZzZB-sRUD2fjAyPeSAdmWUpFEqebObBYC57-duw1emJ1dByvaeYqZMXQ_jI9qULFaei53C9eHTKMXnwERKbTRMXGCuypecKGF3wAiXOAnqNgoPzwtIU1BLiZc8E67Guaj59xu6SxH8tvlV3XB4M5UpgpZP9F6Ipv6ZO5MywhLXAK591y8QQx9PZCsR67qBYoYnQhWHJMbQPjUXGI6n_g_GgVFq-pJLhS1qI7V0SOEWrIuCO9LTMIyb-qoA-kWTNVmfhQsF5FKNuGDSKzTGf6UhPgjebLS03azmUbea1Ce17jQqdKx51GUoN9LlBGaHuByosh6_GrfYpBTHWUe2QmZM38Or2IpHgoUhn7L0NiNwMcM6B_QaEnEYb5kgoOR7mgniWkFJCeK3MN8QtBmlKiezDF1YkoxloViMXF7kJlnhfOp9-77SxufGes6CofNQn6gA6S0wCQf6sT5KfoFSV8Ul5jsmrdYrGN7U0XuQZ-k1iMIS9qPBd36hwRN57nqOVXSHOOIlX6308djFXTlj0MSqcetr_d2PkiLNzu2VfMOIxIw_Fgs9eoO1836TJAElY84RSJumndcRft_hWZbI0tMaXx59KI3oTG3rONnkYEcrVNrjyRhXkZLMUwV4c38TkKOE_5_ah6pO1ji90T3n6LKFgKMLO0BcCY5sQodPh-TSIr7-zWJrBdKm6h_ikTzwaDhZ6sVp0jPPCUnlcd5-VviLG2hPsmP9ZsUqfGGpI_Ma6CNyCKCYmwbiyllp9Yk1GOiMnL_-piZlYL-rCd44pmPz15Hk4GFO6HMiOBlsP8-uUHWSSOE_f0PCt_s0B8MPRBIiVeD9CLIfpeR4-tM8kRFhOJheQH7l6iMb-vDma7POyNnuKP_t_qZkWSotPSzAPcr3OUS24fj0OqQoh2Z4PXuAeMf7gGSATKEXChGosagFyNgQcSNXr2hFY1CZ9EJeJyx884Vxfh_xHGtw7t8WIIg3A-dU0SvqE2BGBp6DOPuMfGAdyTRVftY4ItuHhfvWZg_hlFIZOdPLhYV8hJRfRFzxlQ63g8UtXo2mim-4p-GMYArDhvyxnV2ZXVIUHTULXvow3C6Mfokrg49v34ZorHo7quIh6S_xjXr_2DzvQqeXehQF3zhMLVfNAY2HZmB0U6g2--zLuTSfGldpPIn0NOk7CeE29XdphH6Y0UR-YJRAJUGwPqR1DYsV4sLefLrr2zFFV0kMpgSvppjRNOttJMaw_k5LZvNvkzyRcqVY34KYcYTNuBAH44aQypz5FbEH85QA37Hv0zw0pVvw2YVrNxTDjlPakJJV1DfPIQnHglhHJg9qs4clOYM2GW5BnRO0LrTGgrs-OnksX1sKTgYXZPOP6vUHTyCK_C5X1-PGdPiy1iYi1_IyTNHWDfVueU9p8c-_8BpQcRKcu_8D4Mgst54b5c-IbKgpxWujW9OakEi3SUR0VqYTlf6l9my2oXyoQPS9Nq6mfk009UE10fWUFBaD7SXXgsoJE4JBbYieRuYTrArDF52HxmeKL0lKkxLsEHOAT2NnevDAnGM_8MgkjmjJ2j7dAeyMP3GV199LvfoTiJaW0HUW0JJyuQdNfo4dk5kpg-z5YSEzJ7YzRL_keziXvpRwkr9LaDvp2Y26Zwujvj5ohQkJt3v5h69fLcAnzaEGrVda3LE86rEPKsJG5vrzImqVvwTu5nVuKnTQqBK3rquL21iLrDWv4Izo12XGhfTcelRFFM25AD-_-iRmVOMylSCPIOLwpjNMY4uEswUrERjmzhBIUVFdI5jcJL7RT19_v5yADY4fzUGA6DFRSSR0233dJu5SRdXu6mOyJAc1yuQdLEixP2nSmK0pLaBMe9NtdoaSw7KXkElw3eqbfVojvso5cBrPL_uAd5sni2hQiWC0HNiidKTxZO0kXN1sTl6D_r0zZJg3JOBzwgNwcFdNlvwemtYZcyU1d27AJAvOLXtrRl0TFjOP_0w5MwzQX5PeBQnkEefV-9v9VZEC7hpfmiuBJeEVZsYP8I0DLHsqE524Wg2&cid=CAASEuRoiGcRsHyxqIqizy4eWwa_5iAN&rfl=4%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2C%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Sep 2022 05:00:03 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4E4E 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssWo7xWaypzOeVhLwwOWqMyS8_3yZDqoENteCuaQQzTQeFC0hlqLV23-mXc3rS5pqazPMnyM4T8dY-IBlos9MhIZMAEjSqaCKJuQ8WlzhZ1wLVmGjn3-8a9PhC_Ii-D7bjB5T1utITO3zuNre1VvJrOlccShjleZWqll1IRQqnky2bjoocppF0OmVo6TkWj1tC6uglHf2hRVZo4J-bF4Ta_C_QVZLXLHD-j2ocfefs1SU60CwphGe39zrxn7RmEBMP27UN2xyDceBk9AqIFuWSj6JYs7xSM0e7VOleq36xBOMFP3LX3JBKpK7ffQKyNb1Gbmmt2Eq5C1vI0UQNE1tClmJlkszpUbQ34xnRZ0efsmbpQGBs9JzRWZOwl4XW9JWEgBEUSFcw8TFymw58dyRfY46fi7Cydkh7SbFJIzbclroeCEkpP10XN1oQ7bP_JiiaPVaKQYHs7zNVj1zy0aevixFAxKJzwKlPVldajgAyVo0H9MvZkMH-k9YTAwzic0ascZqq1i0Nic_XW_577mkr4nZ_f1m7I5VTFJJhoemYddWdu-vPJ6FCGsacAgbfXKB_8YKh_vY3bCrmPLTShgBKuaifixUPh1M5GSsD7NYGHePjjBFG3e18M3Xtq2Xkmn7Xcc4HAHrSdG_tChccW2NQ937lDva3gYt7qQ3_OgnuIXVN61IZK0KuwRRa04MpA5QkR-serKCt2_9qkJ3x_v2BNqzeBuUHCZLMIs_Dc2zqc5UqOuNLgoafDcwROR0_5DNJiKlngrtgJ0dcHFiQnHRzHC6CJPGRJA2F2O3vhm7Cw4UovDbmaBeCy9aRNEuoIJB1Rqe9x0hhYuVkWP_LHg0qGZ39wPIypLjp0ZoTPE4UNWnCkXh9W9itfEeumPusJscPZkYTkUHJRnbQJNtrttq77njtzle8Yqm5ROWca_CDhfPwwSlQBmlVcRH9VkQU3fVnAJSzphu4OaaPpVH6vfhHiBHAQyN6ISSxaYTUBpEaOrlmJgI6p7HBE6VjZVMGamVaablrsxl8neU-oVGoZNQir-oFR69hgZbn-OeChTQKfAjQlA4sDKjsFagkZt8AXn-bAV204wwb-aysOkcbVK61CldWgU5H7L7qejdb-69DbZHfQeC7FLi9Ypi5u-T-BX5h0AkEDR3NosmgosXtNgFzTIanLmWpH1RRuZYX7rvZntSsVFNIcDYgFuhmtMuHkU63zbDeEjdsIeqcOqH7ZaHE&sai=AMfl-YR9EmsVELHTdxG89vklnlUEBNCwbBnJfcl9nquFuJg-oAAVV_sDDI3epc0M6YjX0kkFRqexC1PHnqWV0e5g5ffWcDcnic5zfz8Gp-IxcHZyuaecvW37zZVWO8vJzGVZRBRqFXsIbert1UgDWfkEMLIp9x3S3NSCM_xT32ZfAzhySx9X0Yrqqdqe&sig=Cg0ArKJSzNvHv2kUBUE_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220907.20976&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dz6uvPzieEznXMCdPBN6BfF_MXrSxWjAmkA_xR6iKR611lvyRw5P9WVAYGtQ43c5ncdKldTImJHBRfp4MOD8IQaqLnQg&cry=1&dbm_d=AKAmf-C96mhgnmjXMlleUWxutu6grVDouWhQIGHbwWL7cHYwhnHQXs5RcVM1qVFEr2wCmR-2280L2K5B7HAz-dcrl7_R86PB1V3HW0_HaKd2U22c1MvU0Yc5txaJFwuq1Erof_NNeyskxWSXf-n22o_UcpyIt5oVarIQe5yv-dpi8Wo0BTClquS63wUiamB7qFbm4leNDcTZP4ghzXICKMgQMqS_IypwK9g1la3URKAaJNCDZWz68-VMwpzHKffhoTW5j9lzyuICzrrkICOOx9FNlpOZp2NfgI0N8zDkXrbEU0Qpd1-hd1RaP5UaFkaNn50y3D7YPwgBRvfaakKPa01z92MfvYIdnLDwq3vQxD2LDYoD4COF5_owZKfqu7slvUhMau_LGRNTO0eu5j1rVNtmAuuaqgcWHS9s-SmN9hJJzLdUew-wHG5t4aRZbxdTvXP-sJMBHCU6n0UGTlrMk_MXMGutOnMuHborYPDsjZOPtf4lLeMM5zB8XBSa1pPZ9e9NAVu0XpYNfS9VaYMQHymsNbIaNYUcjcbqyrtOu7y1tQX8wxdPsjaHopvi8bJwR9pJFUaymoAj6p5PJCX-AWwkD-CEIvWeePf7heU_bjgK5OxM2JD7oqU30KUMxa1OFO7QO4xaEQ-iwmqJXrvAFb5IrPPke_1om2-5CIv5u_oS2eGFrFjZhzrOwJE_gApurEilN8Aq82_1O5wrlhejSKQoJEF0qPy0gPBqEEYsSmD3LG2d5mYGbT9fstvf2BPc_kT85riXZCaNWIXuX-GNmN8Ts33_zErLzfmX2z_gpoL2FgiJeQFE-HAIdtKebRWi9dY5qNu7Mz2ddJQStMJNA5OTQ_64x5JjsYgRSMtpz9MkRX9T1Y9RDBiuPtQUakeYf7wFu7UQAveqCQMv2mnKT85Ni10fgkU144dc1Vn9IY_OxEiOWAADpUKOZYDWwAN0Py8h8I6q5G9Q4vwID13F_0DYlt-kI3CSyEXZS0F8nSTQz8Jf2g9lbHgD_GTAULRp9DK2fhbb9qk4Gjm1GsIq-eV4I0BZzZB-sRUD2fjAyPeSAdmWUpFEqebObBYC57-duw1emJ1dByvaeYqZMXQ_jI9qULFaei53C9eHTKMXnwERKbTRMXGCuypecKGF3wAiXOAnqNgoPzwtIU1BLiZc8E67Guaj59xu6SxH8tvlV3XB4M5UpgpZP9F6Ipv6ZO5MywhLXAK591y8QQx9PZCsR67qBYoYnQhWHJMbQPjUXGI6n_g_GgVFq-pJLhS1qI7V0SOEWrIuCO9LTMIyb-qoA-kWTNVmfhQsF5FKNuGDSKzTGf6UhPgjebLS03azmUbea1Ce17jQqdKx51GUoN9LlBGaHuByosh6_GrfYpBTHWUe2QmZM38Or2IpHgoUhn7L0NiNwMcM6B_QaEnEYb5kgoOR7mgniWkFJCeK3MN8QtBmlKiezDF1YkoxloViMXF7kJlnhfOp9-77SxufGes6CofNQn6gA6S0wCQf6sT5KfoFSV8Ul5jsmrdYrGN7U0XuQZ-k1iMIS9qPBd36hwRN57nqOVXSHOOIlX6308djFXTlj0MSqcetr_d2PkiLNzu2VfMOIxIw_Fgs9eoO1836TJAElY84RSJumndcRft_hWZbI0tMaXx59KI3oTG3rONnkYEcrVNrjyRhXkZLMUwV4c38TkKOE_5_ah6pO1ji90T3n6LKFgKMLO0BcCY5sQodPh-TSIr7-zWJrBdKm6h_ikTzwaDhZ6sVp0jPPCUnlcd5-VviLG2hPsmP9ZsUqfGGpI_Ma6CNyCKCYmwbiyllp9Yk1GOiMnL_-piZlYL-rCd44pmPz15Hk4GFO6HMiOBlsP8-uUHWSSOE_f0PCt_s0B8MPRBIiVeD9CLIfpeR4-tM8kRFhOJheQH7l6iMb-vDma7POyNnuKP_t_qZkWSotPSzAPcr3OUS24fj0OqQoh2Z4PXuAeMf7gGSATKEXChGosagFyNgQcSNXr2hFY1CZ9EJeJyx884Vxfh_xHGtw7t8WIIg3A-dU0SvqE2BGBp6DOPuMfGAdyTRVftY4ItuHhfvWZg_hlFIZOdPLhYV8hJRfRFzxlQ63g8UtXo2mim-4p-GMYArDhvyxnV2ZXVIUHTULXvow3C6Mfokrg49v34ZorHo7quIh6S_xjXr_2DzvQqeXehQF3zhMLVfNAY2HZmB0U6g2--zLuTSfGldpPIn0NOk7CeE29XdphH6Y0UR-YJRAJUGwPqR1DYsV4sLefLrr2zFFV0kMpgSvppjRNOttJMaw_k5LZvNvkzyRcqVY34KYcYTNuBAH44aQypz5FbEH85QA37Hv0zw0pVvw2YVrNxTDjlPakJJV1DfPIQnHglhHJg9qs4clOYM2GW5BnRO0LrTGgrs-OnksX1sKTgYXZPOP6vUHTyCK_C5X1-PGdPiy1iYi1_IyTNHWDfVueU9p8c-_8BpQcRKcu_8D4Mgst54b5c-IbKgpxWujW9OakEi3SUR0VqYTlf6l9my2oXyoQPS9Nq6mfk009UE10fWUFBaD7SXXgsoJE4JBbYieRuYTrArDF52HxmeKL0lKkxLsEHOAT2NnevDAnGM_8MgkjmjJ2j7dAeyMP3GV199LvfoTiJaW0HUW0JJyuQdNfo4dk5kpg-z5YSEzJ7YzRL_keziXvpRwkr9LaDvp2Y26Zwujvj5ohQkJt3v5h69fLcAnzaEGrVda3LE86rEPKsJG5vrzImqVvwTu5nVuKnTQqBK3rquL21iLrDWv4Izo12XGhfTcelRFFM25AD-_-iRmVOMylSCPIOLwpjNMY4uEswUrERjmzhBIUVFdI5jcJL7RT19_v5yADY4fzUGA6DFRSSR0233dJu5SRdXu6mOyJAc1yuQdLEixP2nSmK0pLaBMe9NtdoaSw7KXkElw3eqbfVojvso5cBrPL_uAd5sni2hQiWC0HNiidKTxZO0kXN1sTl6D_r0zZJg3JOBzwgNwcFdNlvwemtYZcyU1d27AJAvOLXtrRl0TFjOP_0w5MwzQX5PeBQnkEefV-9v9VZEC7hpfmiuBJeEVZsYP8I0DLHsqE524Wg2&cid=CAASEuRoiGcRsHyxqIqizy4eWwa_5iAN&rfl=4%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2C%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 11 Sep 2022 05:03:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4E4E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dz6uvPzieEznXMCdPBN6BfF_MXrSxWjAmkA_xR6iKR611lvyRw5P9WVAYGtQ43c5ncdKldTImJHBRfp4MOD8IQaqLnQg&cry=1&dbm_d=AKAmf-C96mhgnmjXMlleUWxutu6grVDouWhQIGHbwWL7cHYwhnHQXs5RcVM1qVFEr2wCmR-2280L2K5B7HAz-dcrl7_R86PB1V3HW0_HaKd2U22c1MvU0Yc5txaJFwuq1Erof_NNeyskxWSXf-n22o_UcpyIt5oVarIQe5yv-dpi8Wo0BTClquS63wUiamB7qFbm4leNDcTZP4ghzXICKMgQMqS_IypwK9g1la3URKAaJNCDZWz68-VMwpzHKffhoTW5j9lzyuICzrrkICOOx9FNlpOZp2NfgI0N8zDkXrbEU0Qpd1-hd1RaP5UaFkaNn50y3D7YPwgBRvfaakKPa01z92MfvYIdnLDwq3vQxD2LDYoD4COF5_owZKfqu7slvUhMau_LGRNTO0eu5j1rVNtmAuuaqgcWHS9s-SmN9hJJzLdUew-wHG5t4aRZbxdTvXP-sJMBHCU6n0UGTlrMk_MXMGutOnMuHborYPDsjZOPtf4lLeMM5zB8XBSa1pPZ9e9NAVu0XpYNfS9VaYMQHymsNbIaNYUcjcbqyrtOu7y1tQX8wxdPsjaHopvi8bJwR9pJFUaymoAj6p5PJCX-AWwkD-CEIvWeePf7heU_bjgK5OxM2JD7oqU30KUMxa1OFO7QO4xaEQ-iwmqJXrvAFb5IrPPke_1om2-5CIv5u_oS2eGFrFjZhzrOwJE_gApurEilN8Aq82_1O5wrlhejSKQoJEF0qPy0gPBqEEYsSmD3LG2d5mYGbT9fstvf2BPc_kT85riXZCaNWIXuX-GNmN8Ts33_zErLzfmX2z_gpoL2FgiJeQFE-HAIdtKebRWi9dY5qNu7Mz2ddJQStMJNA5OTQ_64x5JjsYgRSMtpz9MkRX9T1Y9RDBiuPtQUakeYf7wFu7UQAveqCQMv2mnKT85Ni10fgkU144dc1Vn9IY_OxEiOWAADpUKOZYDWwAN0Py8h8I6q5G9Q4vwID13F_0DYlt-kI3CSyEXZS0F8nSTQz8Jf2g9lbHgD_GTAULRp9DK2fhbb9qk4Gjm1GsIq-eV4I0BZzZB-sRUD2fjAyPeSAdmWUpFEqebObBYC57-duw1emJ1dByvaeYqZMXQ_jI9qULFaei53C9eHTKMXnwERKbTRMXGCuypecKGF3wAiXOAnqNgoPzwtIU1BLiZc8E67Guaj59xu6SxH8tvlV3XB4M5UpgpZP9F6Ipv6ZO5MywhLXAK591y8QQx9PZCsR67qBYoYnQhWHJMbQPjUXGI6n_g_GgVFq-pJLhS1qI7V0SOEWrIuCO9LTMIyb-qoA-kWTNVmfhQsF5FKNuGDSKzTGf6UhPgjebLS03azmUbea1Ce17jQqdKx51GUoN9LlBGaHuByosh6_GrfYpBTHWUe2QmZM38Or2IpHgoUhn7L0NiNwMcM6B_QaEnEYb5kgoOR7mgniWkFJCeK3MN8QtBmlKiezDF1YkoxloViMXF7kJlnhfOp9-77SxufGes6CofNQn6gA6S0wCQf6sT5KfoFSV8Ul5jsmrdYrGN7U0XuQZ-k1iMIS9qPBd36hwRN57nqOVXSHOOIlX6308djFXTlj0MSqcetr_d2PkiLNzu2VfMOIxIw_Fgs9eoO1836TJAElY84RSJumndcRft_hWZbI0tMaXx59KI3oTG3rONnkYEcrVNrjyRhXkZLMUwV4c38TkKOE_5_ah6pO1ji90T3n6LKFgKMLO0BcCY5sQodPh-TSIr7-zWJrBdKm6h_ikTzwaDhZ6sVp0jPPCUnlcd5-VviLG2hPsmP9ZsUqfGGpI_Ma6CNyCKCYmwbiyllp9Yk1GOiMnL_-piZlYL-rCd44pmPz15Hk4GFO6HMiOBlsP8-uUHWSSOE_f0PCt_s0B8MPRBIiVeD9CLIfpeR4-tM8kRFhOJheQH7l6iMb-vDma7POyNnuKP_t_qZkWSotPSzAPcr3OUS24fj0OqQoh2Z4PXuAeMf7gGSATKEXChGosagFyNgQcSNXr2hFY1CZ9EJeJyx884Vxfh_xHGtw7t8WIIg3A-dU0SvqE2BGBp6DOPuMfGAdyTRVftY4ItuHhfvWZg_hlFIZOdPLhYV8hJRfRFzxlQ63g8UtXo2mim-4p-GMYArDhvyxnV2ZXVIUHTULXvow3C6Mfokrg49v34ZorHo7quIh6S_xjXr_2DzvQqeXehQF3zhMLVfNAY2HZmB0U6g2--zLuTSfGldpPIn0NOk7CeE29XdphH6Y0UR-YJRAJUGwPqR1DYsV4sLefLrr2zFFV0kMpgSvppjRNOttJMaw_k5LZvNvkzyRcqVY34KYcYTNuBAH44aQypz5FbEH85QA37Hv0zw0pVvw2YVrNxTDjlPakJJV1DfPIQnHglhHJg9qs4clOYM2GW5BnRO0LrTGgrs-OnksX1sKTgYXZPOP6vUHTyCK_C5X1-PGdPiy1iYi1_IyTNHWDfVueU9p8c-_8BpQcRKcu_8D4Mgst54b5c-IbKgpxWujW9OakEi3SUR0VqYTlf6l9my2oXyoQPS9Nq6mfk009UE10fWUFBaD7SXXgsoJE4JBbYieRuYTrArDF52HxmeKL0lKkxLsEHOAT2NnevDAnGM_8MgkjmjJ2j7dAeyMP3GV199LvfoTiJaW0HUW0JJyuQdNfo4dk5kpg-z5YSEzJ7YzRL_keziXvpRwkr9LaDvp2Y26Zwujvj5ohQkJt3v5h69fLcAnzaEGrVda3LE86rEPKsJG5vrzImqVvwTu5nVuKnTQqBK3rquL21iLrDWv4Izo12XGhfTcelRFFM25AD-_-iRmVOMylSCPIOLwpjNMY4uEswUrERjmzhBIUVFdI5jcJL7RT19_v5yADY4fzUGA6DFRSSR0233dJu5SRdXu6mOyJAc1yuQdLEixP2nSmK0pLaBMe9NtdoaSw7KXkElw3eqbfVojvso5cBrPL_uAd5sni2hQiWC0HNiidKTxZO0kXN1sTl6D_r0zZJg3JOBzwgNwcFdNlvwemtYZcyU1d27AJAvOLXtrRl0TFjOP_0w5MwzQX5PeBQnkEefV-9v9VZEC7hpfmiuBJeEVZsYP8I0DLHsqE524Wg2&cid=CAASEuRoiGcRsHyxqIqizy4eWwa_5iAN&rfl=4%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2C%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
222250
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Sep 2023 15:19:19 GMT
3322538691117102879
s0.2mdn.net/simgad/ Frame 4E4E 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3322538691117102879
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820291&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607985&bpp=13&bdt=189&idt=349&shv=r20220907&mjsv=m202209070101&ptt=5&saldr=sa&correlator=4489981154306&frm=8&ife=1&pv=2&ga_vid=2065867608.1662872608&ga_sid=1662872608&ga_hid=439247939&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2937035847&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069447%2C31067826&oid=2&pvsid=772274268420186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.m0alyncmwn2u&fsb=1&dtd=363
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47db6554f41082e173fb271d204e3a563d136fceac06db06beb89c0ae20069f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 04:03:44 GMT
x-content-type-options
nosniff
age
262785
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44793
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 16:40:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 04:03:44 GMT
truncated
/ Frame 3EBD 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2772139f5175733bfc8de709c2ea8080888a7cd47bdb1de35f380290048a5b3b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3203 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
31665
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 20:15:44 GMT
expires
Sun, 10 Sep 2023 20:15:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3DA8 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b81f58129fe848729aa47c61ffed07ee009b4824f33aea90fcb077a83d0acaad
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YRSIdqXyLxlLFLgc5C9TJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-YRSIdqXyLxlLFLgc5C9TJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 05:03:29 GMT
expires
Sun, 11 Sep 2022 05:03:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
index.html
s0.2mdn.net/sadbundle/877988745270009123/ Frame 1146 		78 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/877988745270009123/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07e0d569a83913bb0dc5c9d3046c023f23446a7ede891f76dd514900b11e7997
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
143602
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20309
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Sep 2022 13:10:07 GMT
expires
Sat, 09 Sep 2023 13:10:07 GMT
last-modified
Fri, 02 Sep 2022 05:39:01 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3EBD 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFWHbV5hg9FPV2-s8oiwTmIVnqtuOoDCNCwyW8aMIlu-GDa-_QlvVl6vj5y_20xQcJHOmLZ8ELIYZqEZWsm6mFBkIsMD_x_Yu5nmlpmqikIfXYscYHBgPvCw_04NTdmlVcaIgJlCaZ1YhXRwu4RBuxaMwIUq0yPhjNgY392oDGR5Csn13ufIoBrDES2OGRryonzISI39ZgvvkGxir_NZnRC5shgMWD1EAMD8PtTaJdiDHH8d8HEmC7StlAF5UCYY45Wn9vnFNHD9lAwCKcdtFY7z0on16ohCjA7zhLEyVOxeMzodfCppPLJzVtC5h6J7nr68lqheoTJtHDOui2KasIdZ34GdrYbluAIbKEzwZZ_SgDuDpnAzq6GHmeP4TgUHgZQl3SgzOluutRsH3jasVjmtkji7ZeP3Asb5B0c-TDLCDXHitNKBP2aRQAhkJGDI3AQtUPcR1xx6LGmkTo8nBEr-N7jwRnVg7CfX7z7cZM6szwCgQtKMCCgHal52y84jPPfVQC2qbSvwtC6hCptM0mX-BYhIq3jz0vgD-pbFLzye1CKeVSgnMD0GtXqL5cyxDHunza1P7AL9ahyDBiTSv-yKqsvuY9h37VBWBToKm8E4ChI-ovrP_Az69dpnYVk9Mp7jf16iNdB30G_6Vf0BqbvN2r99z2RXCMhFJa4Xl0IiQls11MCbBQ6HSmRy4HSdjS6nuFd8D4Fkb_y0mZ8zIoA7DOnNpRTFRhWoPr7lPE8kZeVQ7SSO0QUrrmNW_21u2o-K6G2y7aFnjgOURKGp6dxhqbGvExCkexPtlPZQmnUWX3MAaswP5eTmHdddzApCUsm0hgk82XSRuKV7R1rk1A8e8ZkuOyHrfTuC9p6XPY7nPINyK71K_qv2_A2mfRF8TOfeT0Jr6yBPDdkk3Dp1QQV6NH_x-sKeQOHszw_UfRdNYs8IDhw-8u6VFKVJE10vlNWLlezbLOwNsZlGP80BIP9fKxfvzsT4yMTXPJcyVlWtTJ_PEJEcABXaCESVxm9TED_-PKHvTnjk4xDgUkVl5zhY5l_-OSltjEaJQuBLIxEexFtFMuu4cutwgiDJakc4xmeq1mJIDoF7pf4K-ggG-_Pgr2TmA2pjDVzHAoq-qCLEAX2jkgG5IElZubUrdjysSN0G4GtO4YdoOJHD5JwuSN5Z1L5AsnpwIyj2z6SUWB19XRm093W-Vy1MQaK8xk&sai=AMfl-YTC_G_eTDISZ1zo7ptKRuNRe5BceZf8hjgzxdoIc-BCPty0GeTcjMmpym_b6jnrNW3EnVSHwgENs88QCzxXW7tYeYB1097XESd3Mh5-2yb8zn_OEv1O82geakEmP3dpQXKdX5HRqHYfRuogKnUNmdTMVshkmvxkI2fGerVNUR7cew215bOVt09iwFmUWu60gbCoNrQk5Nt7RPHwPI34rru1&sig=Cg0ArKJSzKLt7onIjxrSEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=446&cbvp=1&cstd=443&cisv=r20220907.84282&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 11 Sep 2022 05:03:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
p
a.audrte.com/ Frame 0A5D
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7212381495254490937
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:29 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 11 Sep 2022 05:03:29 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 0A5D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=42eDBeW2uUqTHSxgiL7WaYrMg&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=42eDBeW2uUqTHSxgiL7WaYrMg&gdpr=0&gdpr_consent=&google_gid=CAESEK6dH_bKjrZMyjQZF1W0U_o&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:29 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 11 Sep 2022 05:03:29 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 0A5D 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=42eDBeW2uUqTHSxgiL7WaYrMg&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:03:29 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6270 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
222064
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 15:22:25 GMT
expires
Fri, 08 Sep 2023 15:22:25 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4E4E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1782af1dc227711d881c3fa37d6925355075bedeb8ca9ed6867f46efbc086bf3

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame 414B 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDPfvzr4Ox3-xGdgZIjawyw&google_cver=1&google_push=AehlK4CtQi9v8J48p5EOSonaw7ZRrwLiBEs_u-6S71HB3YKidn2mFDJHgDIvd_2Fok7aIwQSPu-cDf9XHphqhUDsg_SGaImNvg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1662872607&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607550&bpp=3&bdt=579&idt=290&shv=r20220907&mjsv=m202209070101&ptt=9&saldr=aa&cookie=ID%3D751e6751d6873f80-22b6aa111cce0065%3AT%3D1662872607%3ART%3D1662872607%3AS%3DALNI_MaOImMqUWnZ-jCm41xmAMghjPL3Vg&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1498404390&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=919&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069447%2C44770880%2C44771548%2C44773261&oid=2&pvsid=574968481285100&tmod=2012896911&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.k8h437cfmvxd&fsb=1&dtd=302
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 414B
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4A_HFwVTfO2hjat2p4Rx59ky1aH9uzJytZxsYT...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXgxc0h3QU05V1dNRXdBSw&google_push=AehlK4A_HFwVTfO2hjat2p4Rx59ky1aH9uzJytZxsYT8_tvQHldzO1QSoRHGykSQ_19By6wG9DJbWyU9c6E-Uc6ZIXbSHtaglcM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXgxc0h3QU05V1dNRXdBSw&google_push=AehlK4A_HFwVTfO2hjat2p4Rx59ky1aH9uzJytZxsYT8_tvQHldzO1QSoRHGykSQ_19By6wG9DJbWyU9c6E-Uc6ZIXbSHtaglcM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1662872607&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607550&bpp=3&bdt=579&idt=290&shv=r20220907&mjsv=m202209070101&ptt=9&saldr=aa&cookie=ID%3D751e6751d6873f80-22b6aa111cce0065%3AT%3D1662872607%3ART%3D1662872607%3AS%3DALNI_MaOImMqUWnZ-jCm41xmAMghjPL3Vg&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1498404390&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=919&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069447%2C44770880%2C44771548%2C44773261&oid=2&pvsid=574968481285100&tmod=2012896911&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.k8h437cfmvxd&fsb=1&dtd=302
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXgxc0h3QU05V1dNRXdBSw&google_push=AehlK4A_HFwVTfO2hjat2p4Rx59ky1aH9uzJytZxsYT8_tvQHldzO1QSoRHGykSQ_19By6wG9DJbWyU9c6E-Uc6ZIXbSHtaglcM
Date
Sun, 11 Sep 2022 05:03:29 GMT
Server
Apache
Connection
keep-alive
Content-Length
390
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame 414B
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4DiegmE...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4DiegmE...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MTEwNTAzMjkwMDA3OTI5NzExOTUxNw%3D%3D&google_push=AehlK4DiegmEb7VQyxlDAhXtjsPRblj0yW2w_yHONeyOKJP2imGlcJUDzgMA5PS08fIw-F...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MTEwNTAzMjkwMDA3OTI5NzExOTUxNw%3D%3D&google_push=AehlK4DiegmEb7VQyxlDAhXtjsPRblj0yW2w_yHONeyOKJP2imGlcJUDzgMA5PS08fIw-FD2aWjHmP0EipgsZFQHUZy2KDvbAw
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MTEwNTAzMjkwMDA3OTI5NzExOTUxNw%3D%3D&google_push=AehlK4DiegmEb7VQyxlDAhXtjsPRblj0yW2w_yHONeyOKJP2imGlcJUDzgMA5PS08fIw-FD2aWjHmP0EipgsZFQHUZy2KDvbAw
pragma
no-cache
date
Sun, 11 Sep 2022 05:03:29 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Sun, 11 Sep 2022 05:03:29 GMT
dds
rtb.openx.net/sync/ Frame 414B 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEP6tmtRlsstofvySAJOlW7s&google_cver=1&google_push=AehlK4Cuj4s_mfVi6Bkky5AwQ32qYiu2qoxqmjx8KXl-QonFJ8h8DTcJiHPdQtyuBA2S6AJJvWSGHooczBk3GzagGM1HlXPnNqs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1662872607&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607550&bpp=3&bdt=579&idt=290&shv=r20220907&mjsv=m202209070101&ptt=9&saldr=aa&cookie=ID%3D751e6751d6873f80-22b6aa111cce0065%3AT%3D1662872607%3ART%3D1662872607%3AS%3DALNI_MaOImMqUWnZ-jCm41xmAMghjPL3Vg&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1498404390&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=919&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069447%2C44770880%2C44771548%2C44773261&oid=2&pvsid=574968481285100&tmod=2012896911&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.k8h437cfmvxd&fsb=1&dtd=302
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:29 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
a04aqiifclk5mffqlc9l96vd76n7rjdn
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 414B 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJo1BULjELtMWGjmq4maCCE&google_cver=1&google_push=AehlK4CB_CMRP_udnF_b3L-9JhE9PBDStuHJGdwSXhDGKgTiGS0A3V8q1wOTMvNOCoG_F-vWZHhQ8RX6ULnr2ld7RClTdK5n4NA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1662872607&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607550&bpp=3&bdt=579&idt=290&shv=r20220907&mjsv=m202209070101&ptt=9&saldr=aa&cookie=ID%3D751e6751d6873f80-22b6aa111cce0065%3AT%3D1662872607%3ART%3D1662872607%3AS%3DALNI_MaOImMqUWnZ-jCm41xmAMghjPL3Vg&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1498404390&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=919&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069447%2C44770880%2C44771548%2C44773261&oid=2&pvsid=574968481285100&tmod=2012896911&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.k8h437cfmvxd&fsb=1&dtd=302
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 414B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELX2y5Wyw3eUO2FKVsg3tIA&google_cver=1&google_push=AehlK4CCyFrjZ4mJut0bsGqpvgrq7w1aVsjrEhgt5S7MMXQ9QSj5zdu3You_3aUk5JKNyd-LliS...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdXVkYwWUctQS1HUklS&google_push=AehlK4CCyFrjZ4mJut0bsGqpvgrq7w1aVsjrEhgt5S7MMXQ9QSj5zdu3You_3aUk5JKNyd-LliSH4UT-JAPBJHrMPdBpRsuRvLc
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdXVkYwWUctQS1HUklS&google_push=AehlK4CCyFrjZ4mJut0bsGqpvgrq7w1aVsjrEhgt5S7MMXQ9QSj5zdu3You_3aUk5JKNyd-LliSH4UT-JAPBJHrMPdBpRsuRvLc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1662872607&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607550&bpp=3&bdt=579&idt=290&shv=r20220907&mjsv=m202209070101&ptt=9&saldr=aa&cookie=ID%3D751e6751d6873f80-22b6aa111cce0065%3AT%3D1662872607%3ART%3D1662872607%3AS%3DALNI_MaOImMqUWnZ-jCm41xmAMghjPL3Vg&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1498404390&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=919&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069447%2C44770880%2C44771548%2C44773261&oid=2&pvsid=574968481285100&tmod=2012896911&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.k8h437cfmvxd&fsb=1&dtd=302
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdXVkYwWUctQS1HUklS&google_push=AehlK4CCyFrjZ4mJut0bsGqpvgrq7w1aVsjrEhgt5S7MMXQ9QSj5zdu3You_3aUk5JKNyd-LliSH4UT-JAPBJHrMPdBpRsuRvLc
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
pixel
cm.g.doubleclick.net/ Frame 414B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEClo5zTZ5-gONfLJnewtfo8&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEClo5zTZ5-gONfLJnewtfo8&google_hm=Yx1sHx0B6JWRY-o2BtkD7gAABzcAAAAB&google_nid=index&google_push=AehlK4Ck1jNhwuQ8vppvx9Ys6OpPkkcNXl7rr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEClo5zTZ5-gONfLJnewtfo8&google_hm=Yx1sHx0B6JWRY-o2BtkD7gAABzcAAAAB&google_nid=index&google_push=AehlK4Ck1jNhwuQ8vppvx9Ys6OpPkkcNXl7rrtOUelgjywtxlR_9NBnutHleoRi7usClXNpQ5rfGrPeh0tQYtb5SLIPg3J_IArE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1662872607&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607550&bpp=3&bdt=579&idt=290&shv=r20220907&mjsv=m202209070101&ptt=9&saldr=aa&cookie=ID%3D751e6751d6873f80-22b6aa111cce0065%3AT%3D1662872607%3ART%3D1662872607%3AS%3DALNI_MaOImMqUWnZ-jCm41xmAMghjPL3Vg&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1498404390&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=919&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069447%2C44770880%2C44771548%2C44773261&oid=2&pvsid=574968481285100&tmod=2012896911&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.k8h437cfmvxd&fsb=1&dtd=302
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UuRCPtIC2aDeCcRZQQd%2FrqmdwNjsss%2BvVu5q1XYbBGjyqOzHfCmaVyT4uFWfV0X3WZ1yMeSYYQaCLa6bsUpd79Cwr1lyBODgG1vUGYN6k3T3deTaMsa9N6pltRiHzFKdmwezeeGTylp8yg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEClo5zTZ5-gONfLJnewtfo8&google_hm=Yx1sHx0B6JWRY-o2BtkD7gAABzcAAAAB&google_nid=index&google_push=AehlK4Ck1jNhwuQ8vppvx9Ys6OpPkkcNXl7rrtOUelgjywtxlR_9NBnutHleoRi7usClXNpQ5rfGrPeh0tQYtb5SLIPg3J_IArE
cache-control
no-cache
cf-ray
748ddb6f9c82dc19-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 414B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13INw3Ca3VrGb1Oey6OSf9d-CEvMkNtfTeymsaUc96zJL8kvsD6i7JwYrWYVdUQu9yBcdHGl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1662872607&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1662872607550&bpp=3&bdt=579&idt=290&shv=r20220907&mjsv=m202209070101&ptt=9&saldr=aa&cookie=ID%3D751e6751d6873f80-22b6aa111cce0065%3AT%3D1662872607%3ART%3D1662872607%3AS%3DALNI_MaOImMqUWnZ-jCm41xmAMghjPL3Vg&correlator=6405137322040&frm=23&ife=5&pv=1&ga_vid=1696631988.1662872606&ga_sid=1662872606&ga_hid=1498404390&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=919&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069447%2C44770880%2C44771548%2C44773261&oid=2&pvsid=574968481285100&tmod=2012896911&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.k8h437cfmvxd&fsb=1&dtd=302
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
css
fonts.googleapis.com/ Frame 1146 		6 KB
776 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:600,regular|Roboto+Condensed:700
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/877988745270009123/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0ae3ff9b22b16109702412fe9cc1eb0da2c6e774d6836d2188dca8a85fc1d582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 11 Sep 2022 05:03:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 11 Sep 2022 05:03:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 11 Sep 2022 05:03:29 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 1146 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/877988745270009123/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/877988745270009123/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 05:27:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84981
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 11 Sep 2022 05:27:08 GMT
generate_204
tpc.googlesyndication.com/ Frame B618 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?69FmWg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 08F8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
222064
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 15:22:25 GMT
expires
Fri, 08 Sep 2023 15:22:25 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4E4E 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssWo7xWaypzOeVhLwwOWqMyS8_3yZDqoENteCuaQQzTQeFC0hlqLV23-mXc3rS5pqazPMnyM4T8dY-IBlos9MhIZMAEjSqaCKJuQ8WlzhZ1wLVmGjn3-8a9PhC_Ii-D7bjB5T1utITO3zuNre1VvJrOlccShjleZWqll1IRQqnky2bjoocppF0OmVo6TkWj1tC6uglHf2hRVZo4J-bF4Ta_C_QVZLXLHD-j2ocfefs1SU60CwphGe39zrxn7RmEBMP27UN2xyDceBk9AqIFuWSj6JYs7xSM0e7VOleq36xBOMFP3LX3JBKpK7ffQKyNb1Gbmmt2Eq5C1vI0UQNE1tClmJlkszpUbQ34xnRZ0efsmbpQGBs9JzRWZOwl4XW9JWEgBEUSFcw8TFymw58dyRfY46fi7Cydkh7SbFJIzbclroeCEkpP10XN1oQ7bP_JiiaPVaKQYHs7zNVj1zy0aevixFAxKJzwKlPVldajgAyVo0H9MvZkMH-k9YTAwzic0ascZqq1i0Nic_XW_577mkr4nZ_f1m7I5VTFJJhoemYddWdu-vPJ6FCGsacAgbfXKB_8YKh_vY3bCrmPLTShgBKuaifixUPh1M5GSsD7NYGHePjjBFG3e18M3Xtq2Xkmn7Xcc4HAHrSdG_tChccW2NQ937lDva3gYt7qQ3_OgnuIXVN61IZK0KuwRRa04MpA5QkR-serKCt2_9qkJ3x_v2BNqzeBuUHCZLMIs_Dc2zqc5UqOuNLgoafDcwROR0_5DNJiKlngrtgJ0dcHFiQnHRzHC6CJPGRJA2F2O3vhm7Cw4UovDbmaBeCy9aRNEuoIJB1Rqe9x0hhYuVkWP_LHg0qGZ39wPIypLjp0ZoTPE4UNWnCkXh9W9itfEeumPusJscPZkYTkUHJRnbQJNtrttq77njtzle8Yqm5ROWca_CDhfPwwSlQBmlVcRH9VkQU3fVnAJSzphu4OaaPpVH6vfhHiBHAQyN6ISSxaYTUBpEaOrlmJgI6p7HBE6VjZVMGamVaablrsxl8neU-oVGoZNQir-oFR69hgZbn-OeChTQKfAjQlA4sDKjsFagkZt8AXn-bAV204wwb-aysOkcbVK61CldWgU5H7L7qejdb-69DbZHfQeC7FLi9Ypi5u-T-BX5h0AkEDR3NosmgosXtNgFzTIanLmWpH1RRuZYX7rvZntSsVFNIcDYgFuhmtMuHkU63zbDeEjdsIeqcOqH7ZaHE&sai=AMfl-YR9EmsVELHTdxG89vklnlUEBNCwbBnJfcl9nquFuJg-oAAVV_sDDI3epc0M6YjX0kkFRqexC1PHnqWV0e5g5ffWcDcnic5zfz8Gp-IxcHZyuaecvW37zZVWO8vJzGVZRBRqFXsIbert1UgDWfkEMLIp9x3S3NSCM_xT32ZfAzhySx9X0Yrqqdqe&sig=Cg0ArKJSzNvHv2kUBUE_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=248&vt=11&dtpt=247&dett=2&cstd=0&cisv=r20220907.20976&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dz6uvPzieEznXMCdPBN6BfF_MXrSxWjAmkA_xR6iKR611lvyRw5P9WVAYGtQ43c5ncdKldTImJHBRfp4MOD8IQaqLnQg&cry=1&dbm_d=AKAmf-C96mhgnmjXMlleUWxutu6grVDouWhQIGHbwWL7cHYwhnHQXs5RcVM1qVFEr2wCmR-2280L2K5B7HAz-dcrl7_R86PB1V3HW0_HaKd2U22c1MvU0Yc5txaJFwuq1Erof_NNeyskxWSXf-n22o_UcpyIt5oVarIQe5yv-dpi8Wo0BTClquS63wUiamB7qFbm4leNDcTZP4ghzXICKMgQMqS_IypwK9g1la3URKAaJNCDZWz68-VMwpzHKffhoTW5j9lzyuICzrrkICOOx9FNlpOZp2NfgI0N8zDkXrbEU0Qpd1-hd1RaP5UaFkaNn50y3D7YPwgBRvfaakKPa01z92MfvYIdnLDwq3vQxD2LDYoD4COF5_owZKfqu7slvUhMau_LGRNTO0eu5j1rVNtmAuuaqgcWHS9s-SmN9hJJzLdUew-wHG5t4aRZbxdTvXP-sJMBHCU6n0UGTlrMk_MXMGutOnMuHborYPDsjZOPtf4lLeMM5zB8XBSa1pPZ9e9NAVu0XpYNfS9VaYMQHymsNbIaNYUcjcbqyrtOu7y1tQX8wxdPsjaHopvi8bJwR9pJFUaymoAj6p5PJCX-AWwkD-CEIvWeePf7heU_bjgK5OxM2JD7oqU30KUMxa1OFO7QO4xaEQ-iwmqJXrvAFb5IrPPke_1om2-5CIv5u_oS2eGFrFjZhzrOwJE_gApurEilN8Aq82_1O5wrlhejSKQoJEF0qPy0gPBqEEYsSmD3LG2d5mYGbT9fstvf2BPc_kT85riXZCaNWIXuX-GNmN8Ts33_zErLzfmX2z_gpoL2FgiJeQFE-HAIdtKebRWi9dY5qNu7Mz2ddJQStMJNA5OTQ_64x5JjsYgRSMtpz9MkRX9T1Y9RDBiuPtQUakeYf7wFu7UQAveqCQMv2mnKT85Ni10fgkU144dc1Vn9IY_OxEiOWAADpUKOZYDWwAN0Py8h8I6q5G9Q4vwID13F_0DYlt-kI3CSyEXZS0F8nSTQz8Jf2g9lbHgD_GTAULRp9DK2fhbb9qk4Gjm1GsIq-eV4I0BZzZB-sRUD2fjAyPeSAdmWUpFEqebObBYC57-duw1emJ1dByvaeYqZMXQ_jI9qULFaei53C9eHTKMXnwERKbTRMXGCuypecKGF3wAiXOAnqNgoPzwtIU1BLiZc8E67Guaj59xu6SxH8tvlV3XB4M5UpgpZP9F6Ipv6ZO5MywhLXAK591y8QQx9PZCsR67qBYoYnQhWHJMbQPjUXGI6n_g_GgVFq-pJLhS1qI7V0SOEWrIuCO9LTMIyb-qoA-kWTNVmfhQsF5FKNuGDSKzTGf6UhPgjebLS03azmUbea1Ce17jQqdKx51GUoN9LlBGaHuByosh6_GrfYpBTHWUe2QmZM38Or2IpHgoUhn7L0NiNwMcM6B_QaEnEYb5kgoOR7mgniWkFJCeK3MN8QtBmlKiezDF1YkoxloViMXF7kJlnhfOp9-77SxufGes6CofNQn6gA6S0wCQf6sT5KfoFSV8Ul5jsmrdYrGN7U0XuQZ-k1iMIS9qPBd36hwRN57nqOVXSHOOIlX6308djFXTlj0MSqcetr_d2PkiLNzu2VfMOIxIw_Fgs9eoO1836TJAElY84RSJumndcRft_hWZbI0tMaXx59KI3oTG3rONnkYEcrVNrjyRhXkZLMUwV4c38TkKOE_5_ah6pO1ji90T3n6LKFgKMLO0BcCY5sQodPh-TSIr7-zWJrBdKm6h_ikTzwaDhZ6sVp0jPPCUnlcd5-VviLG2hPsmP9ZsUqfGGpI_Ma6CNyCKCYmwbiyllp9Yk1GOiMnL_-piZlYL-rCd44pmPz15Hk4GFO6HMiOBlsP8-uUHWSSOE_f0PCt_s0B8MPRBIiVeD9CLIfpeR4-tM8kRFhOJheQH7l6iMb-vDma7POyNnuKP_t_qZkWSotPSzAPcr3OUS24fj0OqQoh2Z4PXuAeMf7gGSATKEXChGosagFyNgQcSNXr2hFY1CZ9EJeJyx884Vxfh_xHGtw7t8WIIg3A-dU0SvqE2BGBp6DOPuMfGAdyTRVftY4ItuHhfvWZg_hlFIZOdPLhYV8hJRfRFzxlQ63g8UtXo2mim-4p-GMYArDhvyxnV2ZXVIUHTULXvow3C6Mfokrg49v34ZorHo7quIh6S_xjXr_2DzvQqeXehQF3zhMLVfNAY2HZmB0U6g2--zLuTSfGldpPIn0NOk7CeE29XdphH6Y0UR-YJRAJUGwPqR1DYsV4sLefLrr2zFFV0kMpgSvppjRNOttJMaw_k5LZvNvkzyRcqVY34KYcYTNuBAH44aQypz5FbEH85QA37Hv0zw0pVvw2YVrNxTDjlPakJJV1DfPIQnHglhHJg9qs4clOYM2GW5BnRO0LrTGgrs-OnksX1sKTgYXZPOP6vUHTyCK_C5X1-PGdPiy1iYi1_IyTNHWDfVueU9p8c-_8BpQcRKcu_8D4Mgst54b5c-IbKgpxWujW9OakEi3SUR0VqYTlf6l9my2oXyoQPS9Nq6mfk009UE10fWUFBaD7SXXgsoJE4JBbYieRuYTrArDF52HxmeKL0lKkxLsEHOAT2NnevDAnGM_8MgkjmjJ2j7dAeyMP3GV199LvfoTiJaW0HUW0JJyuQdNfo4dk5kpg-z5YSEzJ7YzRL_keziXvpRwkr9LaDvp2Y26Zwujvj5ohQkJt3v5h69fLcAnzaEGrVda3LE86rEPKsJG5vrzImqVvwTu5nVuKnTQqBK3rquL21iLrDWv4Izo12XGhfTcelRFFM25AD-_-iRmVOMylSCPIOLwpjNMY4uEswUrERjmzhBIUVFdI5jcJL7RT19_v5yADY4fzUGA6DFRSSR0233dJu5SRdXu6mOyJAc1yuQdLEixP2nSmK0pLaBMe9NtdoaSw7KXkElw3eqbfVojvso5cBrPL_uAd5sni2hQiWC0HNiidKTxZO0kXN1sTl6D_r0zZJg3JOBzwgNwcFdNlvwemtYZcyU1d27AJAvOLXtrRl0TFjOP_0w5MwzQX5PeBQnkEefV-9v9VZEC7hpfmiuBJeEVZsYP8I0DLHsqE524Wg2&cid=CAASEuRoiGcRsHyxqIqizy4eWwa_5iAN&rfl=4%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2C%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 05:03:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
generate_204
tpc.googlesyndication.com/ Frame 87BA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?DtptYA
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 0BB9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?W2XaYQ
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 3DA8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220907&jk=1202049663548947&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
pagead2.googlesyndication.com/bg/ Frame 6270 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 05:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15929
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 05:05:47 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 42EC 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220907&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb01340cc23dd2186cc66114d51dbbbbd59e438dca7946e176e4d1aeaeb18eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 05:03:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10939
x-xss-protection
0
dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
pagead2.googlesyndication.com/bg/ Frame 3203 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 05:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15929
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 05:05:47 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 34C5 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220907&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31069447
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5b0f78524dadf7a33e842ed1b3beb652f1ee3599dbf67ccccf819f51cb8bd47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 05:03:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11107
x-xss-protection
0
dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
pagead2.googlesyndication.com/bg/ Frame 08F8 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 05:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15929
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 05:05:47 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 1146 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:600,regular|Roboto+Condensed:700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 19:24:52 GMT
x-content-type-options
nosniff
age
293917
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 19:24:52 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 1146 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:600,regular|Roboto+Condensed:700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:40 GMT
x-content-type-options
nosniff
age
391129
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Sep 2023 16:24:40 GMT
White-Arrow.png
s0.2mdn.net/sadbundle/877988745270009123/ Frame 1146 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/877988745270009123/White-Arrow.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/877988745270009123/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27ffb8af403279858143417c32a29369049b8aa147de70abc2dbc6def5ea92f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/877988745270009123/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 13:10:07 GMT
x-content-type-options
nosniff
age
143602
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3114
x-xss-protection
0
last-modified
Fri, 02 Sep 2022 05:39:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 13:10:07 GMT
TheFast800-logosquat-transparent.png
s0.2mdn.net/sadbundle/877988745270009123/ Frame 1146 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/877988745270009123/TheFast800-logosquat-transparent.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/877988745270009123/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98662b07a54e18b00a02dde1c21283cfcfdb3f697eba5192b4f5e271cab488f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/877988745270009123/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 13:10:07 GMT
x-content-type-options
nosniff
age
143602
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3349
x-xss-protection
0
last-modified
Fri, 02 Sep 2022 05:39:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 13:10:07 GMT
Coffee-300x250.jpg
s0.2mdn.net/sadbundle/877988745270009123/ Frame 1146 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/877988745270009123/Coffee-300x250.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/877988745270009123/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a46ccdf46745b95a6535099b3d444641bf83d130d205682c528257e12a10967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/877988745270009123/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 13:10:08 GMT
x-content-type-options
nosniff
age
143601
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25922
x-xss-protection
0
last-modified
Fri, 02 Sep 2022 05:39:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 13:10:08 GMT
Chocolate-300x250.jpg
s0.2mdn.net/sadbundle/877988745270009123/ Frame 1146 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/877988745270009123/Chocolate-300x250.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/877988745270009123/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc77f9d7043a27d09c69df9857857bf57ccda2ba44a0cfb1c8ab4b3e7888925b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/877988745270009123/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 13:10:08 GMT
x-content-type-options
nosniff
age
143601
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29377
x-xss-protection
0
last-modified
Fri, 02 Sep 2022 05:39:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 13:10:08 GMT
Vanilla-300x250.jpg
s0.2mdn.net/sadbundle/877988745270009123/ Frame 1146 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/877988745270009123/Vanilla-300x250.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/877988745270009123/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1d8cf50eee0d477713a8ef740ff06655aaced095b0b12aab7140b994ace745e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/877988745270009123/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 13:10:08 GMT
x-content-type-options
nosniff
age
143601
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25687
x-xss-protection
0
last-modified
Fri, 02 Sep 2022 05:39:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 13:10:08 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 42EC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 11 Sep 2022 05:03:29 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 34C5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31069447
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 11 Sep 2022 05:03:29 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5951 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3aqskFlwOF9JVlTKLiqgtpxNnrqwJDfzae6RjlYD0mpq4hkBBbk8QrilQMyaHc_H3glcJcPfsCEO-fVYMGI9Cv3eVBWHWaPRr4Sy9McoGAj_CoAlRmZi7BMBiBXg0YBFY0K_i0riXTHNd2NVxNr-KA00uPSLUSlwF&sai=AMfl-YTkCq3Gur2yXx3jtpJL2UAUtdp3uNc7Qhdib9SiMUrXwwHX6RhlhrvaD-9ouSvkFDZ3kfr71ebXW87QzMAmtnTfXOpkzucTeVo&sig=Cg0ArKJSzCdFnfG0BEl1EAE&cid=CAASF-RomR8IakWkCePFUT2tR7t6zWHVSa0H&id=lidar2&mcvt=1020&p=0,30,200,270&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=132049923&rs=2&la=0&cr=0&vs=4&r=v&rst=1662872607785&rpt=651&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 30D1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2sGr87Y10BfDdayKcw5bOO133bHDFtOZSsGV4dFwHicytspstVeZU5ZX0CVw_3GVEk5uPvkaFz52o44ulU-qwljCjlb-VyK0AQjnh1PsqKKtOSfXnuA9X4OBDOl3S2zJOfwYVXA&sai=AMfl-YQU01gXSgx9uVKwZYLIranOV9DOsQomqezNypW9UPw3jkhmP71jI2ueIQdbpJHtXRDts7vy3efgCnfE&sig=Cg0ArKJSzOw0xiMYKP0aEAE&id=lidar2&mcvt=1017&p=0,0,90,728&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3481491427&rs=2&la=0&cr=0&vs=4&r=v&rst=1662872607517&rpt=945&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3EBD 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFWHbV5hg9FPV2-s8oiwTmIVnqtuOoDCNCwyW8aMIlu-GDa-_QlvVl6vj5y_20xQcJHOmLZ8ELIYZqEZWsm6mFBkIsMD_x_Yu5nmlpmqikIfXYscYHBgPvCw_04NTdmlVcaIgJlCaZ1YhXRwu4RBuxaMwIUq0yPhjNgY392oDGR5Csn13ufIoBrDES2OGRryonzISI39ZgvvkGxir_NZnRC5shgMWD1EAMD8PtTaJdiDHH8d8HEmC7StlAF5UCYY45Wn9vnFNHD9lAwCKcdtFY7z0on16ohCjA7zhLEyVOxeMzodfCppPLJzVtC5h6J7nr68lqheoTJtHDOui2KasIdZ34GdrYbluAIbKEzwZZ_SgDuDpnAzq6GHmeP4TgUHgZQl3SgzOluutRsH3jasVjmtkji7ZeP3Asb5B0c-TDLCDXHitNKBP2aRQAhkJGDI3AQtUPcR1xx6LGmkTo8nBEr-N7jwRnVg7CfX7z7cZM6szwCgQtKMCCgHal52y84jPPfVQC2qbSvwtC6hCptM0mX-BYhIq3jz0vgD-pbFLzye1CKeVSgnMD0GtXqL5cyxDHunza1P7AL9ahyDBiTSv-yKqsvuY9h37VBWBToKm8E4ChI-ovrP_Az69dpnYVk9Mp7jf16iNdB30G_6Vf0BqbvN2r99z2RXCMhFJa4Xl0IiQls11MCbBQ6HSmRy4HSdjS6nuFd8D4Fkb_y0mZ8zIoA7DOnNpRTFRhWoPr7lPE8kZeVQ7SSO0QUrrmNW_21u2o-K6G2y7aFnjgOURKGp6dxhqbGvExCkexPtlPZQmnUWX3MAaswP5eTmHdddzApCUsm0hgk82XSRuKV7R1rk1A8e8ZkuOyHrfTuC9p6XPY7nPINyK71K_qv2_A2mfRF8TOfeT0Jr6yBPDdkk3Dp1QQV6NH_x-sKeQOHszw_UfRdNYs8IDhw-8u6VFKVJE10vlNWLlezbLOwNsZlGP80BIP9fKxfvzsT4yMTXPJcyVlWtTJ_PEJEcABXaCESVxm9TED_-PKHvTnjk4xDgUkVl5zhY5l_-OSltjEaJQuBLIxEexFtFMuu4cutwgiDJakc4xmeq1mJIDoF7pf4K-ggG-_Pgr2TmA2pjDVzHAoq-qCLEAX2jkgG5IElZubUrdjysSN0G4GtO4YdoOJHD5JwuSN5Z1L5AsnpwIyj2z6SUWB19XRm093W-Vy1MQaK8xk&sai=AMfl-YTC_G_eTDISZ1zo7ptKRuNRe5BceZf8hjgzxdoIc-BCPty0GeTcjMmpym_b6jnrNW3EnVSHwgENs88QCzxXW7tYeYB1097XESd3Mh5-2yb8zn_OEv1O82geakEmP3dpQXKdX5HRqHYfRuogKnUNmdTMVshkmvxkI2fGerVNUR7cew215bOVt09iwFmUWu60gbCoNrQk5Nt7RPHwPI34rru1&sig=Cg0ArKJSzKLt7onIjxrSEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=905&vt=11&dtpt=459&dett=3&cstd=443&cisv=r20220907.84282&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 05:03:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5286 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
31665
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 20:15:44 GMT
expires
Sun, 10 Sep 2023 20:15:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A8F1 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fda780e892e784a43ed653fae1a67583e0a8221a258e72ca067e6ecb52cd706a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yVn71_2T2ml_5Qat1gRC4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-yVn71_2T2ml_5Qat1gRC4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 05:03:29 GMT
expires
Sun, 11 Sep 2022 05:03:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame 3203 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?YWIkWg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 004B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvyRWk6woxVEmSDR7OP0mjLcviuWH4Rso9eRMhw1eEdvTRLOxB_y1onEab-w7F_IE5G5XHrJYYgK-BY5SiX9M92p3DoDrJU1rH_b2UssYD8FNlI4Qr0aPYeCa8wMm5QcmmcGQWRcw&sai=AMfl-YSPdvmnHiqwdUkySA5kvY1svEhkfjjcX5yu3qpe6qErQOVn-_WPXEBdQjgOuhTRtYJDHP8rwIL1Wgvo&sig=Cg0ArKJSzNAVDAe7bQuEEAE&id=lidar2&mcvt=1025&p=0,0,600,160&mtos=1025,1025,1025,1025,1025&tos=1025,0,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1974494150&rs=2&la=0&cr=0&vs=4&r=v&rst=1662872607492&rpt=773&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 24A2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvznIKML_rmhFuorzozYIBH7Z7wGltBWJ2ms-cMk-JtZ0_H81K05WTOEIrpKC3wOkCQJ_gXQH7EM_il_6uW8JCM6x46hd_zS67U02by4tUq7y0QRqiSWJBCABKp8oTqAMGMIGNOAR2mueTvbhKio4QSZP6d8N1LhTfvS0wsBAZRZDZFhSd6jJeE7lXR9XzYPMi_F26H4SV9Jb5-zJz_HPrAWiV39O0VBp_jALKAlT3BSGMhEP6G90z9XUtyUk6Hd0shvMomV_tTSIeSabbzlcnKVsKfzLdEnSGN7aMWnra2QWXrXvUxaS7gCBjJxLFaxVijkfaRBf1GCbxtSrLP7mfC5gg41QSPr8fDjihz93ZxuAU3sjFpmrQHOAgQBX2Vt9hDh-_alhqgz_s5cFxw2P-Aw6E02pX_6RjTXklh7Qta_psgEal94aprY_na7K7VKoHPt9xOvQ-jyorcC5maBqCWbQ2MF-gPncbi6ZsIXjLBvAegLVGrOjdqKkWXfPFNZ5C_7SB0FFt2Px5q6bNfn_Nr0Zt6nCp7k5D4mC9_a1uoqRC-V6vHfz5rFb4z1IuR0Uu9jpG3iVaLl_BvxySCQFU_zT1xn42f8Ohz9UbH_qobzOWcC_sWnKwRRXtfalp-Kf6GikmQOx2Eujk0-MwUg7fNiz6FSJ7R7fa39r4hPrN0IE51Kol0nMZ0hTNvEdH2dP9aa0SM_ahEpz-7MYyH5HxDlOgT81oyDdHYPzgiHVdJywf8M7YTbPxfNPmimxdNcnTxbx7f3B-zNJW70CiXXjd0UCtpRcSxO0Rr_2nJn1ofUOWJx90jlyb5xs3lGALMDQJQhpKnaJuTuOwfcMOpS0PIbyzoZ20BTYy9V3plF-KCXCU34-1A6wExhiGH6l1iZHqmSznTUjy0aHmlTwqk5L4vq5IgNUVImZJd9BJL-_KvWpBrJZx4_Lg3Yg-sUV_DygvLgW_eFbCp8WxuJM43JiehLAkCmiEmgHVCm5SxOVBb3bHi4OFoRU0tVPLZZrK3rtCWYN2Yxk_rRSMdpd7qYTan8RVWchvI07wlQqTooSxZDJ-R7dyDUhf9h6RFr3EKyMP8_ghQHVaTIdQLLayd5moeTa6P4OHhI6ccpGB431dnvK32hnzr0ClFIK-DJOwIgPn_Mesrt25vwkqSb6V58vHvwsL7krXjHhP4NexxfW3N39uZbOG_RGJc7Y9YaVyA6zUtml2zV14382ncyaH8nxcBtuxAu0FRIJsCt4yiOhkgHmQdYQbaAZ58bUz34IfQ_sh_YhAXb8dRleIH0NU2A2_valddc4xCMjIfxv9W0xpsXDuFb994k57DgEb4M0f9lR0GvzIxVaWDDq8Z0WTGTCDXSrkMfOoFcbQlo8jfx_SjJtKRc0h_Jfslhd0i_Y5c9yM5qKektJ-jowDMqL6bdjJCXj-1BQ&sai=AMfl-YQQe85R3XsCBeTrkA8FJe4uTA3__09riZd74MrdBU_03TTUZAqjscexR2D18OVjAOBMtacIFS_QMh3ORZI4twizTryzCfJUOA&sig=Cg0ArKJSzC5GTq7XqBsXEAE&id=lidar2&mcvt=1027&p=0,0,600,160&mtos=1027,1027,1027,1027,1027&tos=1027,0,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1620915178&rs=2&la=0&cr=0&vs=4&r=v&rst=1662872607462&rpt=751&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7824 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
31665
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 20:15:44 GMT
expires
Sun, 10 Sep 2023 20:15:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E4C7 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e32993606a8ec9bef86dda3771fb622013d3add0dcbfbc1ad7ab912101211be5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tjPjWdwp7VS79JTc-ffkaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-tjPjWdwp7VS79JTc-ffkaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 05:03:29 GMT
expires
Sun, 11 Sep 2022 05:03:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6270 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5tgkIGwdY-XBHY7B9u8PhcWI8AkAAAAAOAHgBAI&bg=!xcalxoLNAAZTikH4c4o7ACkAdvg8Wn7-1qyZqD3ZhpdoLP6YJkU6ZzZkGjh1O61PJyOLMGcMuvRK7wIAAADRUgAAAANoAQeZAtk6afgCOLXk0iSa5bpc-l7IauBLS2xLfturVNUnZCUOgG1F2UrZMNokmE7BQ77nVwd3AWUEth4MD5auWrn8crHnWQqmuccrxitkkzqGjjiAAxpzoxvqLkgFchJYdklK-cdtbPLEBHsd7YAQnwAJij2IDlxG3U_My5U5rE1xigjxA0H7qaqHEF47hZhWR9RsLbCe36bbrIFjmWmY7AcCg2n_YjTEEt-SbgIMXF1z_P6C5sDw2_UVrNYqlW_gNV16eCimJbgCv3NFI62QrHVyRyCI3dTOKkfXfzJQoUvhWRWUV3cnPZJh-avHsbFU5-CQ2qb9A2ha4GC6vcekYzx8ekoEHXjRwWq7mCsbrGeXeitGe3D1sbz5vtTAbQZWm1QttcFgtm1r3Xhxgk4C58XOMgWfRUN153v0tKYbioStOTZH1WdXVUgf6W-tWuJNaOxAy0SZUUhCkzXWKOjsZVaOeg9BsX6J3sff2Edu7jmvXJkdOoBoLaCAlB9oJJyVctzkbsCa1zG3UyCwcfaBwaJPx6p29qoQBiojIXbpiUmpsboEmzQmBTSULYtiaugBrYYh4p_aG3i1hn7lZYl6bI_aweUygmspPk_f2cI7pNny4g0n4l4RUgSnZ5x8XkVoxqjTM19wxbOz7eLd6BIDFaekvqJHacNTaaxvoJB-fjhKu9V1b0Fj8xcDqkHdc_ZI-0xVSTUMRmv7Yx59D1-yiHnZGsnB3g9Yw7R65BIWRW-lFBjUvlVTuGS4nT-YcR8CXCI9lkAPSGaRShS0-mhoOQzYuG_rVXaiy-QYcSiLveXPm2Rj_8g5ZSnHp8on8BCiArt5C236yHtIVwRIA51bwMm_JsjiBG3Olh4D4Mxjpd-SITGVjkBylaS4S4lNZdwm4HEBqXdml2AtxVUrvVJNPzZVbsP3s6TXB93gfvKDHwO7hGs93dTEKLiDd7pSl34T3mrhcEWLTxJmcYvbeOs
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A8F1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220907&jk=1548045983190275&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
pagead2.googlesyndication.com/bg/ Frame 5286 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 05:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15929
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 05:05:47 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E4C7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220907&jk=772274268420186&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
pagead2.googlesyndication.com/bg/ Frame 7824 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 05:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15929
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 05:05:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 08F8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_PCQIGwdY_feLYCs9u8PyauQmAwAAAAAOAHgBAI&bg=!5eal5qLNAAZTikH4c4o7ACkAdvg8WoL0fdWBhPP1IIdsAmCPiLYyQ7vxvqNpfl57c9-TP3lTuXCpsgIAAADaUgAAAAJoAQeZAylo49yd0yXqKEh4GOTIcCs8D6t-Mw86vSk3jwxikoTXsab066Ray_gKmdZKih9OGQ62PSmQYYwbhHIgPmTzyBSJY5W7JTEzLt9ytN9xJxt67OGQh15QGynDD1Me_cOacFAncLKluDuiExOmJfKvf67Wy8erIZo9Tp2xSr8BKUzSTCjxqMmKZisUkBNyfMeHNnLedTTxRfXksWX-DRtjN_UJ0d3KH70UbE6TqvvMlZrjWwPQuz07xmBBlJPyguurCYPnDBwCXjV4XXyGM9DAixuKi_CimIVL1okezT9tU06iiORRA3i6UVl3i9j_fQku1Jijtq99pEzqcVd-2W5krw3BHUb-C321IXfz3LZFoHhv5CXoGgPVUNSNZB85qVn_loRJ9M3QVDTAHejth7rjxfdATmCZkeG8N9bV8zlkwkqNYF5kjsZnm3A0430EYFA1ebSfmxG21G6kLztMsTh_9NEq8zljHutm7uKl3DNAx78waXJHDFGrXC5Mj2xKXIWw59LSazj4I4URM3rsucZWm0SBweKKy3pEiFKO9H6g7WRgYDj6TU0S-W4h5xJIxSEY7kD_PUkYnutY27dTqo4KZtDFWtJmnq7pusc_HxIgp9hbEXCAntLPLXVgRPOO69m0J0kfiGbGXFSPjyagEMFw1bagzlwypEIn_JuLweXnkIOAzP-zPQu2t4VDFB9rLydcrq8VUyjStJ-xQyaHDezqOCaLQtasJFB1Ad0ElwUs5LivWeoYROtBbdz_vgfK6xEF5EmKFCsojsLACoEHyH8Xx_FXsR4hYshUvPgzPeqONfByCB6y0TQwquVzx9RXUznlsgkWFxARhOey9PQb2L8cgL0GJIbA5EEJbh8B2mWqtf59tw8vPraRP3YzPOjeE0SO80tcaeZ8jDv4hpNwnwnjxaOxwNyJgjjXEZFud26f3uRE-5lgSdUWm2D5ZrYCgcODpb37dReIrbuAGJQL3D7c54r3YPvKoj7Xcc-3v-cSCGaW4fymjgqvQ7ZfkHXYLzgpGnSR6s7hzQqEuyN8AejiOWKl0TvoRfyt8UGo0UeNN6MQGou_He4SHGW3Pg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 5286 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?esBJVA
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 7824 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?dQYyPg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:03:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame F1AA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220907&jk=3398602431255708&bg=!RUalRgLNAAZTikH4c4o7ACkAdvg8Wsqo-qyH-4TI7QZdpV26SaeoRSmLgmncYAZv2rz9DJyjVaAcjQIAAAJYUgAAAAJoAQcKAESun7ySXuJgzVSePrtAKjgmogbrNaK6j8vSWKUGHc6KjW6_70y3vIZOhmcK1oBQjQuLIcGKYMOtTH1vIF0I8wr0aNbujJkCtPwaY3iabPbH4Sb4GFqmTL__owu3g4R-xJwJBSPTh6eOLPlZSHSqkHzWpof2odxH5mjsJZwVDz_lKy4u6VYfK9LFIH8MEf-WNKFCuB2h5Tae31ToebDHOr47FJJaL_bQ-EnrkNV6Vs6LUy68GvKqWydtIEwdrJUzQzA3DbkooScoSFgmF-j0m7zf2et3-5P_JlZU4BZ_FOP5P4wA4TCiGWBZTJyCn2qxf5zmCHxVluG-a3I8JIC2UNUpir3bISnpDri9Bnr7DyfldxyAbl3crmP99YuflAz6WUVB37Ty2Sl7wV13YZuE3Oyw6-kWXUvnyx5cz24lEvHkfebCNbNfwOzNX_rRdwmi0HSoL699XYCBFbI2ZJBN--ub7RYdKgEB2GyvOPJiXTbkNtPG9xIo55Y5o8Z4-UXae50Oir_vrTgaHAPg7jFolOIwt95BWTwioEEuaZN2ylmMlObG9ZxhJ_i8MZsYGp0JjOFKzvdC2KhI5MMFrJQXgMSYvgbVuPEBRBiIp89hujEUHlW2YDsoSGR5qoQTEiLXJDlsCIFUvl1OJUD26FkU00t6zEXkrRz9vvbC-sY8gjYVUm44bgOzDWV_lyVqAuS2CsV3THCljV-UScSV3huBiZ7Gb4FMasjc34AVDqcRMpW4BM1nB-fG3FYB9C1EmQ4b1_6F0GKLBz8B35Qk7bbKRRyyghrv7CL2C5nG2-hqNbLdSMHYMTY6ld1luAdz5zicuqB9v-mxDZuHqtEKLfRYQIT2P-nO2eFys5z6FvDr3juxAQLmVxCstCEL4u0o81qbf30yXlSnA6XL_1bTxJ23JlN1jGMAFFtT_g4--HeRoIdApAtr8XhI3xxO255dkAfjglDcpbDv9R4NI9rmcvU3tfwdq--S8_kLg7_sxoi5mgKI1aagRM4TWl3-B91H
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 8FF8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220907&jk=3400003674732753&bg=!wcKlwobNAAZTikH4c4o7ACkAdvg8WvtSmq9zcDLfj0I3DpDc6SoJla3avEq4ikQqP-V48xryvZYCjAIAAAF2UgAAAAJoAQcKAHy64_pUOxViddLxB-RBVvfQ9XUd-8NY3G3vDAkvKbsDg6WDYvvMx4AcF-MgblMjk5ev8-nBpN4HrTGHVVkusNvnoJ_C6CcP20hvUDhbSwgUMEwJMy92VaVMt31QKQ_NCLjiN2FDci1ZbzcHTxrKFwVoPF_l7TG6AXYBgPbDmQKsuVrClM576sfAAw9bcNtqm3EXEpUeZmij0ExoFclpAnHX6fYtZmdRSO_iI5rVQGD3bvizx9743Ir7dlRYeDo6f-Awx30XqAE8AVGX4Ppvl8XU3Sf2Mw3a6df3Q5TL78GSoJaJ2BzXReW2h3e51FKNFL_Vx5xBalEHf5V_KQrSqWJVqLXX_PcdZuGZo4-9mQLpBxbkxmPiDUJ8BzPvwCr8AMA6CzWC4HRnpd6SutMGb-S_VLFN0wwsUzGII8Ub0vojMSIM0_ba12LNd_Nq9DSJA1sQMBI64n5Cv28tvSx_5718qIE2rsREWMoy5pRhMThveKjQAtX-SglZMApj8RxFGV8sQezIog49UPcit-DkFw5ZRVd5_NCLVhrv39UW9bK8njJuUlyA2LtyUdLSKl9MwWXE4bXgmyqvhBRGo1l5qO_IVjZMIOQgRQRHCEPDvkf-Ymop8fewPciz-kXmQGuRkRkpwaOoHLaGosbfScMB4aZ5q-a2zQtURDAqUpkTrRYEBH3jUmP82nsFPYBcj1wZJ683o2y1Rx1x1Ep4XKdVlkgCMmFS2mfvQAUuqoLZWAmVc850cZbDzXxClRdjpzY7syTH4UoZGwBDJZkBKXhN4ZrMKB-cHEro25eYrr1j2Uc8yVzv2i-LEGhYNTMcpqtyqCZX6KrjkEIxdF_o2xo8VoU9M8gvzgL-RfVmK6G0NkZntwKXI56HXumbwWxHQah7-F0l9rUfTk5BAeGD_jLmjJhUakdqNZKkYJ66rkT70QD97fI1wZh4knvUyORorFXdVUaJzmcOPpXJg6nFT7wNuw4MkIMtuxG80vFn5A5FlVTEFIBWTEufEaZZQ8Xns9NBwY-PBm8x-lsuXsE7aIkYaFypLIP6l4NYDM1L5lB90aWgqSjydLnmPaum3ofv
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame F5E8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220907&jk=574968481285100&bg=!HB-lH1vNAAZTikH4c4o7ACkAdvg8WtIwAxd7O2pNl7XB8jF3k-WGr-f-rjObpV11AIx8M2lM5g0kowIAAAF-UgAAAAFoAQcKAJLtzEpFoc2fnKZUFvgDFReNtll-q43LkX2V4wNo-GAQtr-U15j44kLCJm0Lb3OpJUy5hzyf_aG8kh0Y_hU8fEOpQu-Bbkqz7xj0bG5MSjAnxcUfKKbj1biRgkEJI9EAgatzBPqhh4OCtvvPOyAkx33-cS7sfqhm2kVexxxg0-Y-gqunjbm9OcMOGZJVctYPVS_scJkCuAzNleZfUbft8AxRysHfey7nWXf8naIpUMOkXdwsm-wTKgHXdiolylbEynDmz9DxxsLK_-n06CkPxFHiZxB13vQO-LL4BqJZ-8MELa6et2efnvibipEs_7qQhxhZ9nweoYkGv0Pbn_bAR2JHBHbUyfaPsO3LvZt4L8UDiGcypnH41jOILVheAa7wSRQzPHyVYaH1vrdjvK2bd7IRe5l7-ikL3AyqpxaNJjMN27g3H19BUoUvCpCiOrMFVU9Rbt-Aax1fAi7NvymvMNlM0_AyaNbdHm5HNiFJWa5NcLOp6sUsw0YxQXXroADYwANB6ifzDvNP7bsppl99hkR9lUAWEvhYG6icZseccvXmgYi0k82h3oaScIT08XMqliSiqd9aUboAFUL8dwcAgWnJ3rlc2SruX29ZJO4G2IG9pkjMYh4DGZIu1L0WJNc8pQwAQhD5UI3cuF7v01FfrIJ2QFRAlwdEeS-vW5ro0sU8rbOW4WIaTYJyyRCLrW1Yf9kFyTUgDVxMhob7Ry4UhbtiZdycvCX3zMsWqyMUJOnPlaeAcJrHi_xb-CF2EHjjtqlmQf_mPB5cSIDVlzxl02WemH8xmGkYC-OEjLpYriu6ASBiQtkeB757C0jS6gm5GQ8QPATgwfh3ZnXgUtaJOVuLJ0pTaZL2q7jf2M6nDou44Rhpe5lr_4PtHpir4dODbyoQfrmb75YABIw3P3ZMlFCRW_ejqyrJLFZtYZTNwb0rsO2SFMHHk0QWBjvPWbGBWD8lGIIGIMGiA9K_1Z59exMe-CR1EC8-dXMKSaEcG732HleinmAj06n3evTfoXj8wx-w6PEcB8984yYxv6QQrQdaeOPnXFXeRMv1XjU4YRz6p3Fij2ddJooTo97_hoTI1tCSkwIvc1v4NF8Od7bcajkWST9B2290N9JLvbukqg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
syncframe
gum.criteo.com/ Frame C416 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=zdorovia.com.ua
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6e842f654a304fd1eece02a5d588d2a998cc87cc65730b04d1e2c916e3a72a10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 05:03:29 GMT
server
Kestrel
server-processing-duration-in-ticks
832530
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
um
u-ams03.e-planning.net/ Frame F068 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=1b32227e1595abe2&uid=f66c2b0869940a26a878505394b8e720
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D1b32227e1595abe2%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Sun, 11 Sep 2022 05:03:30 GMT
server
openresty
sid
mug.criteo.com/ Frame C416
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=zdorovia.com.ua&sn=ChromeSyncframe&so=0&topUrl=zdorovia.com.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=q2sIhXxMT0VoTEJDNkVwY2ZwdmM2YTRmZ0FrMi9Scmxjd3M0MCs5RWFHS3RJdHVGbDN1QzA2eTgybktmN0U1V1dudmxCcTZndGZxSjNndjdhUjY3My9BV1VLL0k5dkFCVC90YW5kVVBEY1JnaVduazk5enRjZElGdXRuei...
441 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=q2sIhXxMT0VoTEJDNkVwY2ZwdmM2YTRmZ0FrMi9Scmxjd3M0MCs5RWFHS3RJdHVGbDN1QzA2eTgybktmN0U1V1dudmxCcTZndGZxSjNndjdhUjY3My9BV1VLL0k5dkFCVC90YW5kVVBEY1JnaVduazk5enRjZElGdXRuei9EWEQ1Mnkva2p5ZnlOVE5XRCs1NkthL2FTSkVadGZwc0tieFVoVDRKd25kU24rVGJlZmcrcHJEbWh3NTBUNEgxRXBZWkpES2xYSldsd2NnUVljd3J4aHQ5UWdGeXUyZFJBcUxYMWZ6TSt3TVQzMXgrNUw5Z3dLUDc0NmpEaUI3Q3RmWWJoYW5uMm9ZcTBkNmF1aFRZNldQWmdvV3Vudz09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
806c2764b842aa56733261fb699c7e5ea632abdd71386fdc30e6de252ef2fc5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:29 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2752018
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:29 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=q2sIhXxMT0VoTEJDNkVwY2ZwdmM2YTRmZ0FrMi9Scmxjd3M0MCs5RWFHS3RJdHVGbDN1QzA2eTgybktmN0U1V1dudmxCcTZndGZxSjNndjdhUjY3My9BV1VLL0k5dkFCVC90YW5kVVBEY1JnaVduazk5enRjZElGdXRuei9EWEQ1Mnkva2p5ZnlOVE5XRCs1NkthL2FTSkVadGZwc0tieFVoVDRKd25kU24rVGJlZmcrcHJEbWh3NTBUNEgxRXBZWkpES2xYSldsd2NnUVljd3J4aHQ5UWdGeXUyZFJBcUxYMWZ6TSt3TVQzMXgrNUw5Z3dLUDc0NmpEaUI3Q3RmWWJoYW5uMm9ZcTBkNmF1aFRZNldQWmdvV3Vudz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
573771
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 7DAB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220907&jk=1202049663548947&bg=!AAOlA0fNAAZTikH4c4o7ACkAdvg8Wnki4NMOrC30tF-vnvqIdaxT5gJ9Z4SqHUIfVsZNDb8eP3KD_QIAAAC-UgAAAAJoAQeZAsRYqsr3sQnI3nhSS7F7oqqjxPmZ9aHysiFeI4BmTY1gRrXFofnjY_4StGjp3n2yej5F3dkTpBz32g19nBXCY5NoEuV5keCGFGqEFC2ePFelNcz8DXwvIR5LHHPTJ7rneEaALKaPzAbiXv_J_1XjrB-h2OEbsj2oCoHyN4-5Bw_Az82HOoz6gtu2sleIvxJCwScbFpViTEZnBxZVGbi-zYcZGj2XI4TLjGRwElRZKd8SNz9e9nhS5ZVqmt5YbKb_2tOZl7A72gCW-cMo76Cu_JzwqFjWABTa5xdcCsY0qLrRZwATQrJgPe-i7uogkw-4oM5Qfx4P0Zyyqszu645Xlht_k9jVNEYxrb-ktlY0hk-G2FVhUK8RRxUbJkkMlz-IQV5mdP0KaOdqu9pbYrWt5VIVdUS_kUTdqnh_0yS23Apg2t9j5Fx2_xBiypouo7l9n_PaNKOqFTSAHYLWKEWAwWsSvr5y_fC1JySwYdzRfFfpUapFA2E1Q6uIOnylRKN3pt44GCGrlwOhcUmQOA1bETPSgXwAALzmTvrZO3nP4_Wa83xxa3cY-uJety1OYMnKaY47vdBBjDPymFu_exxAg7Y0natbsHhOQNiN5DgvlLhdh3dyhU_3lXfjnTv4h8SIbByLnidg31N1DOnQYemlIKDwne58M51WODCrjv5FlZVfTBBy8KSkh3jOhO8BJE3wND1rJwP196ndKYYijduG27su3MOHazfOlUXKoyR9qGhJtgbArAe9JhKPyo8yMkr06LVYm1oEzED5jyqWNROhooYKtDlfY1i8mUnvyZUV2ArFbBh9-RP-AWdfZoQymvNNWhxVlMql5fkYtqisSfgUzp98WJBtR2fvl4TIb0ULyBtfX9z4QEYLMSymRkzR-TfwAD6S7iFvTZyUo9pGMsJgDIMzGg-62vgRGVGdjTnZ5aiDWbSYO7c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 3EBD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4-iUqDSbNZNhawV5PjlNgVhK9sBwg7tZa0WwcLijLlU8EGOzDJxJRbnHbvy1rxHOLJGvoBb4WLSH7VJdJEhDcZLiyJU33UFH6Gj-cnywziB9BYmkc5AVEN7FfEv6l78KcQ9BngA&sai=AMfl-YRM841mPqrWBOChKQTSd_g57lknMa2Sg0e_vR9hoti1qqTeaFfe0G5vhAQ-Kc9dtZ_B2oFzQvG083pZ3BlKjZfiafzvtweYCC5286wqyol3wTIyDqK8Ue_rkVM&sig=Cg0ArKJSzF0-QPPTrulBEAE&cid=CAASJORouRNOyrIy344Eb8umm5Te1-hkXH-BuPOnGHjuhaGuF2tpZyAN&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2159672584&rs=2&la=0&cr=0&vs=4&r=v&rst=1662872607853&rpt=1334&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 42EC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220907&jk=1548045983190275&bg=!LS6lLmrNAAZTikH4c4o7ACkAdvg8Wkj9Gsb2aj9bFz_deEDIjbpfl_RktLxZ6dTRqP58qZEVe3Lb0wIAAACBUgAAAAJoAQeZAtnJDJyu9VBRIm8FCpGJxLB9BKOkDgj9gWOTwW92G-RtaCDVeftSQ1a6J0mCvAZR1Fw-e4Bkp73nrPnBdeVUlmfoZX4jSDoJMBDmh6-YLJ1ALO75U65QyILgldEmaAgW4oMKA_o7ZAS_up9V0ytZPW-3IsXiAQa1UhUHaOEKd6Aumkk4SqMnd9k0mEI3m-RIkAk8jFLdNEmc-TppWWBXpsKTg4Us4tvVN4bh_I23NQtOzmWj0n0JU8NL3YPBnMuT8ErDkW3SpRwHsEG5S5uTszYvQVYrK2a8ddg28CSuetPmBGzdq3bHt4sXGN4b3NjXMjC4HoLN81GTxjYAunGfIEpjXn1mbck6eWYP-j7jq09hmPjaLe3EzMaUQudo8eZUuEULyvm82b6I9g7ITJvB4Y6oz-NpmSXEseUlgdFcgmhyIlFaGqdLttFnqDVI8_mN-z1PfooIp8kwOZCC0KGUfH_onVF7yg5SVIr81xIu2891sZXpbzLX6AdK5SU3AvFEm3F_CCJUNJOEBmF_W0gGjGOabSS-D_3F9Iu2OQUIca8BRGXWef_9BuzRXVjd7Oqo5IxXrRJsl5-aB4QwCl_i40YDausgI8PMqrjAkHUXHplX2SqoFJbb1N4AzqYzsE0IfDhf5vY983JA9hlExPVhn2931WEQz-GKed1-yKpw9tIkylgCrnkxNCGzEWOPUt2DCMeK_G8Bo9s2E8ledEwuoH87Slm6Uoo_mUJlPPVxjCDN1uVYZ6gjAMU0zibqmv4dypaZUZgl-sDP6wx2HkHffLKxiCiTYcFfVue1AraiUuck7rZwXuImMXTPXfRXj8RcDb3_vnMlDZpFkirpB4OwzHe40R_2MDrQcTLZ40-wqeY-cFDWzXRzvaFyhjEftM7GgW0bPzr8XMIljw509aPV--9LfvVAI9YRenHWNPdY9atg5Mczib91tDwm-ALVFA8TGk0_NXN0ZglZTGE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 34C5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220907&jk=772274268420186&bg=!V1SlVBDNAAZTikH4c4o7ACkAdvg8WoZyoipaEaOPkSe-QMbL4UatJnp2lM6G_Ubx4bMmTF2bbv_PPwIAAAB1UgAAAAJoAQeZAuL3gOX8ryjnVM-Yc7BdAEIRltnTqcanfZIt_GKohX_xgqH2PWKbEDStNsPG-8u0LvgmaceTZDsMQlNUjwkvcHMvkNugWCn1x3O9u-QGZycAN0G_H9hg3Iy2O7DMs_LcNPh2PvyyuWIsn7adwpXFvE5K8Q3m3MNuoA_chmBIHxYJjpIzZJCC_pzqYgostxhhWbrKZae7F1Grt3Bgkgu0mNkeEE9HcNu-X010TDHtk3JjG9DKFVXmSASW6b9rg8Ho3SYqX-hryos9P33CoXoRGLkKF_VIHZyu6DgxktRHQ1d5-CKsyMiYe3XF1kIlsfY2a4RHF_DyQttShh-KooRTrJk6lCFyNJJUbvkOIw7worq9ymPzYf4dDbSS5poKdqnLDfVtfX5zt8ELuZ0yyUc0vA58sgUBdztwPMhi-1D6SV8NpVbZ0qZEQ_GTeiQRsnBzzIlHqVDavI9Ru4DlOw7GSspxpUsLLYZA8T69zBzOK9A4SmXbcqYdIx5Nz13QnMf8X1I9i6VkXjN6sTLUThgKvHeaNYhWVU5E7VDMeNzOX5GE9whDyI0oXKJAm8fOfNsPsvd3c7Y-e_x6cqPH7G3GOoUuh-0yl--NTOhmrpdltxMCpF5Wm7Ao_J-PtnfG5iVAVsDzg0CF8cScEMr0HXH_wy593jyGjaQHAhBjBZYYBx92knbNPtccnQFqtJXO6G9N40Bk3xMGOgTPmp1UW_CMZITe_fmoJdt8qS2iORD3_Pd-NALU6D3RsgRjcT5mUGiMzP532VVJfarBm8SHJatL31RGKSjcGOYKBYMYxvIA7b9NjWPHXHRxVAB9zmSJXAiLX06VIY3Nn7Sc-UTjf5AAhHpIMOLUYcKs3_jAQGafJdilhCqQkTx0Rh0HV1JJN-y0rIURQBjCeDQ1wifwW-jOSCbz6exshLHlpnGiyixKU9H0EHO9PKdZEUR6KedGL3zzNG5SwE54akuIAStl9StWAOzCquo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
um
u-ams03.e-planning.net/ Frame 8CF0 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=13ed070d5111ba56&uid=f66c2b0869940a26a878505394b8e720
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D13ed070d5111ba56%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Sun, 11 Sep 2022 05:03:30 GMT
server
openresty
um
u-ams03.e-planning.net/ Frame ED26 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=1b32227e1595abe2&uid=f480e52263601e65ea80c40c597af449
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D1b32227e1595abe2%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Sun, 11 Sep 2022 05:03:30 GMT
server
openresty
um
u-ams03.e-planning.net/ Frame 80EA 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=13ed070d5111ba56&uid=f480e52263601e65ea80c40c597af449
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D13ed070d5111ba56%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Sun, 11 Sep 2022 05:03:30 GMT
server
openresty
gen_204
pagead2.googlesyndication.com/pagead/ Frame F1AA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-4577254435597104&su=zdorovia.com.ua&eid=44759876%2C44759927%2C44759842%2C44761792%2C31069448&doc=complete&pg_h=4024&pg_w=1600&pg_hs=4024&c=1&aa_c=0&av_h=90&av_w=728&av_a=65520&b=3873&all_b=3873&d=0.022&all_d=0.022&ard=0.010&all_ard=0.010&dt=d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:03:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIanjBq53lOrpa9d9Z51lWU&google_cver=1&google_push=AehlK4AOPks5hGKqG8KBAbIZbB1ylXOfcM-VhRNUjMb5hqbg_GZGT2fOij9J18uKA8W-n-GhSWiGqJoOZOjz6B1jJEamLW1judnE3bk

Verdicts & Comments Add Verdict or Comment

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation undefined| returnExports function| videojs object| vttjs function| VTTRegion function| WebVTT undefined| Youtube function| $ function| jQuery object| ddmenu function| setEqualHeight function| setCookie function| getCookie function| deleteCookie function| contentBorder function| validate function| json_encode function| toggleSpoiler function| addcat function| ShowOrHide function| DoDiv function| check_uncheck_all function| showpreview function| insertext function| insertimage function| quote function| confirmit function| emailCheck function| in_array function| center_div function| sack object| admixerVast object| globalAmlAds object| head object| script object| _gaq string| iS object| iD object| iP string| iR string| iT string| iH number| iI number| f string| x object| bmN object| bmD object| bs object| bm object| bmS string| r object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| _gat object| gaGlobal function| HELPER object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ number| bannerNum object| adexOpt object| APC string| unitNum object| functionCallbacks boolean| functionLock boolean| apuidExists function| waitForApuID boolean| initVisitTime object| logVisitTime number| sessionPageview object| result string| key string| apuid object| sessionData object| loadedBanners object| onMainScriptLoad object| loadAdpartnerBranding object| admixerJSONP object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| admixerLoad object| globalAmlLoad function| adpartnerBranding object| hb_dmx_res object| banner1550_34360240315586376 object| ap_br_img number| k function| html2canvas function| _open object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_129 object| Criteo object| Criteo_129 object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| googletag

113 Cookies

Domain/Path Name / Value
.admixer.net/bs Name: am-uid
Value: 2650b874216d40149f135c67cf7859db
.zdorovia.com.ua/ Name: ngTrackID
Value: 11799b9dd259eb05fb09419dddcd8159
.zdorovia.com.ua/ Name: PHPSESSID
Value: lsdrusbd3qf5qf3nqas3kg01m4
zdorovia.com.ua/ Name: b
Value: b
.youtube.com/ Name: YSC
Value: jTCLtAcToXo
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: SPfRj4n_M_I
.zdorovia.com.ua/ Name: __utma
Value: 148597372.1696631988.1662872606.1662872606.1662872606.1
.zdorovia.com.ua/ Name: __utmc
Value: 148597372
.zdorovia.com.ua/ Name: __utmz
Value: 148597372.1662872606.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.zdorovia.com.ua/ Name: __utmt
Value: 1
.zdorovia.com.ua/ Name: __utmb
Value: 148597372.1.10.1662872606
zdorovia.com.ua/ Name: session_id
Value: c3d58b95-d5ec-43e4-9247-1f14712497c1
zdorovia.com.ua/ Name: site_visited
Value: 1662959006.1
zdorovia.com.ua/ Name:
Value: store.test
a4p.adpartner.pro/ Name: apuid
Value: c258bbdd-272f-4551-b560-ae15395fcb10
a4p.adpartner.pro/ Name: apudmg
Value: 1
.yadro.ru/ Name: FTID
Value: 1Z7MmU0Z9EOO1Z7MmU0029GT
.yadro.ru/ Name: VID
Value: 3vOlYk1BE7eO1Z7MmU0029HK
.admixer.net/ Name: am-uid
Value: 2650b874216d40149f135c67cf7859db
.ads.go2net.com.ua/ Name: am-uid
Value: 2650b874216d40149f135c67cf7859db
.creativecdn.com/ Name: u
Value: lO3rzjzNiBYKI3UfeYj3
.creativecdn.com/ Name: ts
Value: 1662872606
.adnxs.com/ Name: uuid2
Value: 7860071964432485354
ads.us.e-planning.net/ Name: CT
Value: 1
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: d049377d-1527-52fe-83d4-1983e0c9759d
.betweendigital.com/ Name: ss
Value: 1
.e-planning.net/ Name: E
Value: AFw5CxjiqiN3b7ID
.adform.net/ Name: C
Value: 1
.betweendigital.com/ Name: ut
Value: Yx1sHgALAGjsIbSpAHz97hvjRh-nK3RaxSB6fw==
.bidswitch.net/ Name: tuuid
Value: 7ed7d17e-2340-4908-b295-fd8e75af5fc8
.bidswitch.net/ Name: c
Value: 1662872606
.bidswitch.net/ Name: tuuid_lu
Value: 1662872606
pa.tns-ua.com/ Name: uid
Value: Z85C2EC333B2445984B797926C71413B
.adform.net/ Name: uid
Value: 7212381495254490937
.openx.net/ Name: i
Value: 852cfd71-ca26-45e0-9c3e-cbd94ad3e147|1662872606
.zeotap.com/ Name: zc
Value: e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-cdba02df-a345-4f66-852a-cc58af7717f9-003%22%2C%22zdxidn%22%3A%222069.44%22%2C%22nxtrdr%22%3Afalse%7D
.csync.loopme.me/ Name: viewer_token
Value: ccf96e1a-2078-49ff-887c-a269928c2859
.360yield.com/ Name: tuuid
Value: 74d885a6-b5c5-4b16-9f24-19519f99385c
.360yield.com/ Name: tuuid_lu
Value: 1662872606
.exchange.buzzoola.com/ Name: uuid
Value: 7109d9d1-9584-47a6-676a-4731bd206823
.tapad.com/ Name: TapAd_TS
Value: 1662872606995
.tapad.com/ Name: TapAd_DID
Value: 13c99a78-bebe-4449-8f9e-e6514da19c1f
.adtelligent.com/ Name: vmuid
Value: 4fca4293ba7735cb
.casalemedia.com/ Name: CMID
Value: Yx1sHx0B6JWRY.o2BtkD7gAA
.casalemedia.com/ Name: CMPS
Value: 4339
.demdex.net/ Name: demdex
Value: 85344708055734849892380772553784847816
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.adx.opera.com/ Name: UID
Value: a2db1bf18cb34c2ba3541f8e299bf04a
.dpm.demdex.net/ Name: dpm
Value: 85344708055734849892380772553784847816
.weborama.fr/ Name: AFFICHE_W
Value: 1ILWSCXM-PvU60
.adtelligent.com/ Name: a319130
Value: ccf96e1a-2078-49ff-887c-a269928c2859
.adtelligent.com/ Name: a297253
Value: 7860071964432485354
.analytics.yahoo.com/ Name: IDSYNC
Value: 1985~273h
.tidaltv.com/ Name: tidal_ttid
Value: 045bf2b0-a51f-4133-83b6-7282d9d2a0db
zdorovia.com.ua/ Name: lapuid
Value: c258bbdd-272f-4551-b560-ae15395fcb10
.adtelligent.com/ Name: a307558
Value: c258bbdd-272f-4551-b560-ae15395fcb10
.adtelligent.com/ Name: a584890
Value: 7860071964432485354
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.adtelligent.com/ Name: a309255
Value: 6f5e4de7-da3e-49fe-ad64-c324afaf1037
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjI2tzK0MAIAVktlHwkAAAA="
.yahoo.com/ Name: A3
Value: d=AQABBB9sHWMCEBrQlTHGkciTWMoBy400NaY&S=AQAAAlOkqpUfEtDP0SGEKCvRf8k
.adtelligent.com/ Name: a289656
Value: 74d885a6-b5c5-4b16-9f24-19519f99385c
.adfarm1.adition.com/ Name: UserID1
Value: 7141983464482732182
.casalemedia.com/ Name: CMPRO
Value: 1847
.agkn.com/ Name: ab
Value: 0001%3A9H7p2N0Whtn1QqLZZBFwlCDgyzFlOgqr
.lemmatechnologies.com/ Name: uid
Value: 1221b59f-318f-11ed-9c9a-801844df0ab8
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16990%3b%24o%3d11100
.krxd.net/ Name: _kuid_
Value: PEm0oQur
.adtelligent.com/ Name: p440467
Value: 2650b874216d40149f135c67cf7859db
.richaudience.com/ Name: avcid-zeo-uid
Value: 110feb97-930c-42dc-52b1-8e4b4364ecc0
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yx1sHwAM9WWMEwAK
.fwmrm.net/ Name: _uid
Value: "e5c6c_7141983464479772310"
.adtelligent.com/ Name: a307971
Value: AFw5CxjiqiN3b7ID
zdorovia.com.ua/ Name: session_pageview
Value: 1662872608.3
.zeotap.com/ Name: zsc
Value: %A8%B1%1B_H%ABZ%7B6%B0%F7%CF%F8W%FC%27U%13%BA%BA%08P%9D%162pz%EF%0DW%B6%82GQ%A1%97%E3~%8Ep%D45.%13%0AO%1B%D8H%18%09%F1%F8%A5G%84%EB%1B%EA%D8%D2M%A4%A3%94G%ED%B4.4%3C%95%D9GI%29%A5%15%D5%FCZUO%22%BE%14%FC%27%07I%11%005%B7%02%84%21%AC%99%F9r%83h%A1%EB9%3D%CD%1E%14T%8B%83%8AV8%9C%A7%F4%A2%BD%0B%24%EA%F5%151V%27%C9%EA2%CF%3F%1E%60%A0%19%BDD%0B%D8%28%B2%8E%FA~%F4%CAO%FBg%5C%A2%D0%A6%A9%8A%D5i%9C%E1%02%95b%CD%2B
.zdorovia.com.ua/ Name: __gads
Value: ID=83dddaf5a1c128b0-22916fca1bce0009:T=1662872607:RT=1662872607:S=ALNI_MbiN1m2SNVLCOqBvq3bkdS-KrN-hQ
.admixer.co.kr/ Name: __auid
Value: 73e4f30d9af9d9086137da44aa172e8b
.admixer.co.kr/ Name: __puid_103
Value: 2650b874216d40149f135c67cf7859db
.admixer.co.kr/ Name: __id_utm
Value: 20220911
.admixer.co.kr/ Name: __id_inf_103
Value: 0_2650b874216d40149f135c67cf7859db
.doubleclick.net/ Name: IDE
Value: AHWqTUl68htSmNHIDlffRgkiftAgkrAskD1gFlOeIDneljjMfh7AfjplI6132pzy_Hg
.dtscout.com/ Name: l
Value: 6D001662872608329D5A2E3765F634E2
.doubleclick.net/ Name: DSID
Value: NO_DATA
.audrte.com/ Name: arcki2_adform
Value: 7212381495254490937!20220908!1662872608331
.eyeota.net/ Name: SERVERID
Value: 20190~DM
.console.adtarget.com.tr/ Name: vmuid
Value: 62bb3e95d00ea4b3
.console.adtarget.com.tr/ Name: a307457
Value: 7212381495254490937
.adtelligent.com/ Name: a318342
Value: 62bb3e95d00ea4b3
.rlcdn.com/ Name: rlas3
Value: LNSqPyJVkkD3UH2MV/v4+UoXtVpQJdJs+QxKb2LHDM0=
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>0dx@>I!]tbPl1M>e)ZlrFUfJ+tGXxoD?Qb'h:t[$R[ds7E<>$?oZJE'kQ<7bcC^CX:3If)y3KL9D3I?+OMQX=o
.rlcdn.com/ Name: pxrc
Value: CKDY9ZgGEgUI6AcQABIGCOndKhAA
ads.avct.cloud/ Name: uuid
Value: 3bd810cb-550e-404c-a941-155acb5e953f
.audrte.com/ Name: arcki2_ddp
Value: CAESEK6dH_bKjrZMyjQZF1W0U_o!20220908!1662872608743
.audrte.com/ Name: arcki2_TTT
Value: 1662872608744!42eDBeW2uUqTHSxgiL7WaYrMg!1123#866#1598#190#1495#484#1329#1231#1168#796#310#454#880#-1#1464#1720#1686#1667#918#112#1834#629#1188#1817#1573#-1#1298#1455#1663#552#-1#146#271#1222#262#783#1230#1512#1133#625#685#873#-1#1761#963#-1#335#1427#370#532#449#1758#1558#464#938#-1#757#307#340#308#626#430#1473#766#1702#1073#1745#1717#279#8#1005#231#689#1585#306#1264#1324#662#1788#1244#-1#234#294#828#1517
.innovid.com/ Name: uuid
Value: 195d9958-769e-4a23-b5f9-c8ce081f93c3-20220911 01:03:28
.casalemedia.com/ Name: CMTS
Value: 4525
.quantserve.com/ Name: d
Value: EDYBCQGJJ4EA
.quantserve.com/ Name: mc
Value: 631d6c21-3ed9f-ff95b-b19df
.audrte.com/ Name: arcki2
Value: 42eDBeW2uUqTHSxgiL7WaYrMg!20220908!1662872609347
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: na_id
Value: 2022091105032900079297119517
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 631d6c21b3ff1725
.addthis.com/ Name: ouid
Value: 631d6c210001e5798b1bdbc700a869b526c31d7a230af13603e0
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20220911
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.criteo.com/ Name: uid
Value: b71468ca-4337-4bb4-82b7-ae9f16d3bc18
.zdorovia.com.ua/ Name: cto_bundle
Value: 2bzepF9QdkdJc2lTSlglMkJ1eGFCRFdXODFmb3BFTzJLcFZrcXJ5RFJRWG5sanlEOTlzSjlGcDJDRlMzb1AlMkJvTE1XMSUyQjZWWUFxeGZWQjF2aEM4UTMxT1Q3JTJGJTJGMWdhRXB6JTJCRjdxZTR0VWp3ZmJMaXVKdkppUmtzSTklMkJnb1loOUQlMkZoZVhlVzE4SkF4M294cDZsZzFBWVlwa1JCcXl3JTNEJTNE

10 Console Messages

Source Level URL
Text
network error URL: http://zdorovia.com.ua/templates/default3/js/media.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: http://zdorovia.com.ua/(Line 850)
Message:
Unrecognized feature: 'web-share'.
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://tags.bluekai.com/site/87734?id=110feb97-930c-42dc-52b1-8e4b4364ecc0&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=110feb97-930c-42dc-52b1-8e4b4364ecc0&reqId=75b8692c-4dff-4afd-67b8-533b6ff38d2b&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tags.bluekai.com/site/87734?id=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e0ed9c6d-bac9-4253-5da8-7b99f5ee6be9&reqId=8614291d-12da-4f97-581f-926cc230b1db&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://s.console.adtarget.com.tr/sync.html?aid=517350
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIanjBq53lOrpa9d9Z51lWU&google_cver=1&google_push=AehlK4AOPks5hGKqG8KBAbIZbB1ylXOfcM-VhRNUjMb5hqbg_GZGT2fOij9J18uKA8W-n-GhSWiGqJoOZOjz6B1jJEamLW1judnE3bk
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ads.avct.cloud
ads.betweendigital.com
ads.go2net.com.ua
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.co.uk
adservice.google.com
adx.adform.net
ag.innovid.com
ajax.googleapis.com
ap.lijit.com
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
bidswitch-eu.splicky.com
c.bigmir.net
c1.adform.net
cdn.admixer.net
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
counter.yadro.ru
creativecdn.com
cs.mobfox.com
csync.loopme.me
dmp.adform.net
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
e.dtscout.com
engine.widespace.com
eus.rubiconproject.com
exchange.buzzoola.com
file.adpartner.pro
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
gum.criteo.com
i.bigmir.net
i.e-planning.net
i.i.ua
ib.adnxs.com
ic.tynt.com
id.rlcdn.com
idsync.admixer.co.kr
idsync.frontend.weborama.fr
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
js.cookieless-data.com
loadeu.exelator.com
m.trafmag.com
match.adsrvr.org
mug.criteo.com
mwzeom.zeotap.com
nashamama.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
pixel.everesttech.net
pixel.rubiconproject.com
pixel.tapad.com
ps.eyeota.net
r.casalemedia.com
r.i.ua
rtb.com.ru
rtb.openx.net
s.adtelligent.com
s.console.adtarget.com.tr
s.e-planning.net
s0.2mdn.net
scripts.go2net.com.ua
secure-assets.rubiconproject.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.lemmatechnologies.com
sync.richaudience.com
sync.smartadserver.com
sync.tidaltv.com
t.adx.opera.com
t.dtscout.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u-ams03.e-planning.net
ups.analytics.yahoo.com
us.ck-ie.com
usermatch.krxd.net
vid.vidoomy.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
zdorovia.com.ua
googlecm.hit.gemius.pl
104.18.18.126
104.18.19.126
104.18.3.81
116.202.236.172
13.225.78.37
13.32.99.43
142.250.184.226
146.0.227.107
146.0.227.109
151.101.130.49
158.69.139.225
162.55.236.225
168.119.168.187
172.217.18.98
178.250.0.165
178.250.2.146
183.110.238.136
185.172.90.250
185.172.90.251
185.184.8.90
185.64.190.78
185.86.137.132
185.89.210.153
188.42.191.196
193.200.65.6
193.239.68.97
193.239.71.100
194.247.175.19
198.47.127.18
199.115.119.227
205.234.175.175
212.82.100.182
213.19.147.45
216.52.2.30
23.205.235.133
23.75.240.210
2600:1f18:6593:f602:82a0:df8e:67ea:6e72
2606:4700:10::ac43:db6
2606:4700::6813:ad6c
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:800::2006
2a00:1450:4001:801::2003
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:813::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c0c::9b
2a02:2638:1::3
2a02:2638::1c
2a02:6ea0:c700::17
2a03:2880:f080:9:face:b00c:0:3
2a03:2880:f173:81:face:b00c:0:25de
2a03:90c0:41:2801::254
2a04:4e42:200::300
2a05:d018:24:b002:4b1d:b4d8:d7a1:7bd5
2a05:d01c:1d8:8101:fce4:7d96:66d4:9311
2a0c:5c81:5126:0:ae1f:6bff:fec1:ad72
2a0c:5c81:5149:0:c634:6bff:fefd:5008
3.126.56.137
3.127.154.94
3.127.178.105
3.231.177.24
34.111.131.239
34.200.207.25
34.98.67.61
35.158.39.190
35.227.248.159
35.227.252.103
35.244.174.68
35.71.131.137
37.157.3.28
37.157.3.29
37.157.4.39
37.157.4.41
51.15.145.116
51.75.86.98
51.83.220.94
51.89.99.21
52.18.211.80
52.213.127.205
52.213.133.86
52.48.82.83
52.95.126.138
54.171.98.27
54.229.14.30
54.229.65.185
54.78.254.47
62.149.1.122
67.202.105.31
69.173.144.139
69.173.144.165
69.192.160.219
77.123.132.26
8.2.110.114
8.2.110.206
82.145.213.8
83.222.114.189
85.114.159.118
88.212.201.204
88.221.168.201
91.210.190.92
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0193a52f03590d337d19fd289faaad667b39c6b98ba7d028c9590f209b612cbb
02567b181cb4cf10c1c1a13c3508712f613c27bd66cccf6127e6cab293c739e1
041c802ef56b72c210216f5ccd22f9b9c7e3d98476670c6284990fba4a1930b3
07e0d569a83913bb0dc5c9d3046c023f23446a7ede891f76dd514900b11e7997
08ad01d28c2c56375fa1a78e04d082f91cb3e4e1f32fa9dc04c4ea72e39a7848
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0ae3ff9b22b16109702412fe9cc1eb0da2c6e774d6836d2188dca8a85fc1d582
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c8ad510ab9eae791f8e119b89cfbb8ebf40684d063e8daf43a3d1dc49885ae0
0dc2a95d49f4854773ee37f6c1168a9e90d639f81b882b0327f490c291a9cfa3
0e1f8ae81889e837e923d788176d1ffb9a5b8b766a45e699326a8d5b6e9a5686
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
140666625531e941e900caa4637eb21c39c9c812865382ca1ee0ceb764901502
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
150bc463a8a133c057be571edf74b40d6192117692f1110e01c12eed0c31cf3e
15b25322c978807eb0a01f7831091fd4b9add03a28f48236d309b42050a1aeac
16a9e49143c8c7f5f32986762dfba07316016a388b9181227adaa60ae0753d2c
1782af1dc227711d881c3fa37d6925355075bedeb8ca9ed6867f46efbc086bf3
17baf7b8788b848390db0525181b96f9a7c0e026d691c337cecda415d4a68706
17cbb5ff7abf82890eacd6dd6cdfaf4ea2e7f6dcd3dea4082d8cd3b290e251ee
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a46ccdf46745b95a6535099b3d444641bf83d130d205682c528257e12a10967
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1c25aef47c67b97e59beabef6f8710905a2cfa67f9579478ebde8bee5ffb57d3
1c8572513703f62a64c67c4b14b3544f4a6559fbceb27217da911d01ec6562f9
1dd7796d72b2353ca592f216dca81af1aff9eed564a0c1ed5d7555af6f3bb34d
1e178b3f69e5657653742ecb5fb9755753307d57f18f7b266db6b0ccdfe5d2b0
234974ef7ff86c2e11dc738796ccf88501649f864fad7d2d30b45f10211cb8c8
2364e3bf74552def676f1c5086eca57ad57ea116854a53d324d59ae503c4c05b
2590c37a8df25d2ec796796a32a393e14a7fa4b5d6edd5529f6c05d4ec0b2692
26af67314aa6015ce9c54945b3eeeb81f1d3834f065f2cb99b6c41a11691b6b2
2772139f5175733bfc8de709c2ea8080888a7cd47bdb1de35f380290048a5b3b
27ffb8af403279858143417c32a29369049b8aa147de70abc2dbc6def5ea92f1
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
283c46e2d1f471a41280f8726939e8b2e7a39ec87ec57ffe480069e7bae1b702
2a2e62c555ae2782fa0a3e405972091347c3d62cb16039e1a8fe7bb4c1226b5d
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2cad63c8ddf97c3f520af2ed3ca33a5617041806d4f66a573f8c836f3af9f6a4
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2da35fbda1d1846dafe19cd1bc79afce518145cf24e6e7f318c5c4a18b811a0b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e838e7cbd9a87d5f2456d9dd4aba04c244e39b7aa5a986c9bfe289d51794e95
306d5342ca0b82a5881ce148bbd99134d736d0fa462a683e56503801e36fdd93
30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6
3181a6a7a2c06416588a4e063835776a602124463e487821e85fcacfe653618c
34d32d198ac914ad4a9d11d0a2269e8cc2c0c68a769585759078020987c4a6b4
3d194c854d4dfc27fabf9977f2afd7f6c5e5795b84f8ac6d5939f54953586198
3e25b0478e495776aeb31dbca4c92a9bffbad68161f91e261ef88aaf4ea2dd71
3e2d71b70123d5668b745014d9ab2501c033020e94d773d735280ccb155f6cd8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ede1f8ead7ab6ad46fcfbcd04376bb970dc12f52a42daf3e7dfb5df156b818b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
405a2822f13160db99af498e688b4e7d8058f90306e5129d84c978c0677ff370
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
46ccfecc58742c93070c0a1cba02a1668df9a61c6d80f33f6d29c8d694cbd0bf
4703347652c3f1dc8ec0b79eed581b9ed4141a9c98592e0c06d1848eb15d7f62
47051ffe4c3e03cfe03e502825187de88bfb6cd710407cd3de40d2466c922351
4730d2574ae3e652cdc2b9f013e45879baacf9a46086b5996f49de63476da1cb
47db6554f41082e173fb271d204e3a563d136fceac06db06beb89c0ae20069f3
4803ca05bf5d01dbd812e758881dc7cae6344da06c0fd9d19d42a341409a61e6
48f0be6fc284e26763ddfbc1389c6f0893a1e1ada34ec1c9862900216a875b25
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4ad0a1d9bb20358be18ad374a563021cb030d5d7ef1d1fb52c05a187340bce6d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d066e71f460f47d443274fbbb4b550bd1d68e2d4df4ad39e8117cdd3b3d9867
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e
4d86aecb86ff197716058aff5e5ef405a3b46b3c96ec939965cc7335c88e6f3e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eaea82dea4dd594eb694282b30d0b2a98e71c76ada9172745743da94ad855da
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
518044b9079d6b70b8997035cc0d9b69d8e578f1b2ec43c8cc06e819f58857a1
5217a346bfde995972ffbca690e2517db4093be0ac357e5fb7fe7f10a6e6afda
535699d430009be6bdda92b798294d2151103ba46252a465dd87c3c7b50f74ca
548d1d690aa414adb60bbf56bfd077d75da4a63d15210cf93344a3ed04ddfd84
548e4669812ab53bae5e50eee71c0d6d951b6dd8e5176cb8c08c36ce3dbf37d3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5823febbfb1fc1db57624117ab49aadef78f2a3408c7c673b6d6f8d564b130de
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5b2a1c3c00aa27ba5b7aff91d06ddba6df439f59de660464e7d318a42eca2a90
5d9fa58c3fcb0fdf23e693c4ef905cc95467c66d24cca9d119a33c39281eb675
606ddaed8405179d74f99487d0ca7c0d2488ebafa684e2600c3ea2803e926d05
60c2b41c1e97a9d450caf5b032f569824a1fe387f5c7c2e1767a66da812b51ab
60ea33fa5064cec35e47e6c4b12abdbfe0c06b47d8cfee8e9496d1984e5df56a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
62dd7b0ccfa8bdaf6f9cca4f3138298c44e5bfe4da2af6ca6f400ac4f7ce8b6f
63efbbe81f8cb58574831c943d5950d3e3cc2d0e0d9e620b9aab785bf51fb70c
641f868e8046a0df91150d538385b89a10efcd41c7da0a8ae180d68f725ab8b1
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bb6d2ec712b50aafdda63ad4bb0d0ce8e895a8c43699674eb66013a0b8d719a
6d03236ed9095e8798e2d5fea4148ce1234c1b3f5cb9b4ac2e3ca96cd65d0688
6e842f654a304fd1eece02a5d588d2a998cc87cc65730b04d1e2c916e3a72a10
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3
75ce665c38835e7f7d9550edc427b23a0b946e9f07bb0b3090e9be6549486590
7a0dadde0b435ea262963c6742272087c184be834b81b2330ef115603ac373cb
7f5163d30aa00a299f8015051d075e855c5d4396ee79d1c254199d44848049b6
806c2764b842aa56733261fb699c7e5ea632abdd71386fdc30e6de252ef2fc5b
81b7eb06ab05d2651be2d618ee56dfdc42e1c6ac63e2d704502fe19e1b9af24c
81d685a2f5080f926b60066bb702cadcac776403ffea25a12c54cddf36f752fd
830fdf7bbb938d72d5b2561e2ccfb714b8b3e7ccb355a0626d18232034388eca
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844ed406476ec12c22d6f85fe09b7eaadd84f4bc7b29519b42ae75cbee0015cd
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e
86c3d46020d463f817ecdab0ea74b6e9174807260b3c39a513afe61189cca631
8717384e9e6bb922463148079ef58c0e166f468b43856a263b55a6820d88f872
8a08cb864af8c4a6ef3e24802901f7874e0c114c820c1c18bc09abeab75f6fe6
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b2ab6a7fe3ae86fb84fb7cebcf072592cef358bb73db32fdf2acc0758d63539
8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
8f4b262ea13458af3f7508f3c93ac3589bbc01793104d9bfc041de85fcef79f2
920666a928ec9c6a443110fc4b4ee2332554299b5d25c0932e5d9312f13eead1
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade
95c5ddab27c144fea94a0a11b701414030e3d7a0d8e043525db61ecdadbcf429
9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e
9785864a41aae226145084033506c55f74752107531c101eab0e4004bc59d933
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
986209b670096a311ede4e796a4957e47482cc5417d7ae98ef6c4df604692f97
98662b07a54e18b00a02dde1c21283cfcfdb3f697eba5192b4f5e271cab488f4
99507b31a0efe2b33d28b8eefe8aab9c7a38fb3a22ac8bd5a6732b515ed72c37
9a25acaf6a77dbbd05be0d8782dfb1828d0cae8ff279763601cb538bd0c85b8d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af12d8880e531766747a4a7c42c4c7ca1912e3a5e8e425bdbf6572183d27056
9c6bf593e80e811db71a5eb12029ba1652189db51e604a34c458e554faa3304f
9c79af78cb324a3ca6c879d38313c4eb4025972decd05170d88f4b486f43acef
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a259bb17f2355a87a3420776abcb937b1f6d0a7a749e3caa2b69929003827e26
a28f0344a6649cfbaa531378f79ba0fc5a0f13b9e07ed45fdd2e6d69307ee3c2
a29306e7be8b3e743bf8a8431491142e215bf9bb31a004b13f591a4e1c9acc06
a46e02aed78b4773f4039ad8807da53fed0c2384a53b5e2afe6ad6ada85d4336
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a538b491a7f92a4c7c5b1b4c3fd1a89ddefd5001323810acba38b6748530258c
a5a4d7ec31e1eafeba8c3ab6589cf8b8b2b624b4c1afb7a62428aff04ada249e
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa2e6d7260e270393b7b3f3426f0c8217e6eda69d9fbe7bfaf07de071cfc024f
aa9104fcfc53111a3ac0ed288b2c3c7da2eaf541d52c5bb0c82f55de794fedeb
ab420a1b05301d25dd20fcd88331d007bf6208241e9ea887b5e6fe3ff89f730b
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09
ad16ba41bfd749b84d3812064231f0540eb92202b60870d66d6289120f472eeb
b0465061f71e25d065152d823f41a2c562a11d4bafa7678c9bf648c4b56afbb0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b238ff3fb792b2efa823989c3273b89670a87da10632d6be9c81c43206f86fdf
b3d07383eaafa1a28161e0d58a2cce46a6adb2836603eea46f3676b54cc0cd49
b45c62c7ea907efdd19b2ba950d0a8f261a514e34195a1e3b547ba8876b83862
b5b0f78524dadf7a33e842ed1b3beb652f1ee3599dbf67ccccf819f51cb8bd47
b6135e708f97fb583744321787055efe0a7d81e8d86b34361dbc96a001002d56
b70c6c2ed793b5c4a9e9a7d543b489f810cfbcfba4fa326fc5730d2291fc5e38
b71ffe4069eb53179a0bf651608382118fdcefb1aaa3dc96869fd2be34e0ce52
b7c43fd75a6ed3a267427a714feebb9a1e4ba350dc540ffb2cddb472ac27bc25
b81f58129fe848729aa47c61ffed07ee009b4824f33aea90fcb077a83d0acaad
bac8d5ac143399f5bce1f6bf0aa3964d058834e348e6f6e1e8a0bd673e3e0bd2
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bcb5c16a0a01f9dfd4a58bc8011eab5970423057a181e33cdc1c2a000324400b
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1668d86b5d7e7ed9f1dd299ba412d92b3fc92256887fb4c0e1d197aae5e037c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4a92b5ac13a1232b9a318c87536138dbe7894e1b0bccd5c2e6aa5e3a518e9bb
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368
c84c1026e0a4c60ec0ee85c8b41c1904144aa63184260c95840924b42bd32d33
c89adb6a38f363d68b48f7281b2d6c057cf8df24b3cb4f93ca2f6aefcc42c716
c8a3a34565fedfe7002149e7898edfe950ffcf3799ffc03b3e1bee33a9400dbb
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a
cbd7a0d6e58be879a1b79769baf5809dd9fc0d7c6bcaf2963f50d3430dee6675
cc97d2351c38cc3a52b8cf3fa51d2548b9c0b654e0e9e636799edee48606c5a7
d00a7d747022d19e7c8b897b1bef97aaddccbfeb9e475437566dabf7266e2777
d08e45615e5ae0ee4a03831259ce7a93d30fb6cfb1898c360e9201887c7d1618
d0c04d195fd699a26fc645b83f4a24a7077c466fe91b92b60203811100de6454
d3881a3c57ccf56ed993c153db0aac2c07c0cd4476b319b299d062aacafe5878
d42cc20aa474e9559445bad60e1cddf4d57611e12c2964a4237c437ae7bfc6a1
d485c4dc543229efe5d97016e8b0efec6824111dbc9aca88d586ece94fa7ab11
d57b72eab46863e9c71c04589510c2e4b8e68d928f054421bddc11b8a0102a02
d59b6974258894dfb89e5a54670784f6417df5a47bdefb58fefe99e94d6ef933
d69f9244c8053f228c6e086a4106e1f696bb8ed21fe6e210e76b612cac784733
d8ed748859a20af156216b18113f0837aa9d0ffeb1652af5925c3815a38e2182
d97ff0af3a6068985d710149cf1fe91469ddae60a8a0415f1e6b8a777442937d
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dc429f4a056bb2e658217196c3984ed2eca12cf9f1b2618988d5f1dc2c2465c4
dccaeb8aa4f4c779e6d9f2b0d51445b928b8f3d5275f673ea8f9559348dbe612
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
df466fa3dfa5688021d72f1e41a7aa49c12b79943b37dc0846b5bfc2534d6d02
e1d8cf50eee0d477713a8ef740ff06655aaced095b0b12aab7140b994ace745e
e2cbfcacc9d5d0f8871ee8f217873a4dc579c80403940429af11fbe2ec021b12
e32993606a8ec9bef86dda3771fb622013d3add0dcbfbc1ad7ab912101211be5
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e444f2d6ab82742be31853a29d3ddbf08f8189469ba254004ede7288d063b141
e58dd6001ec35b05f71949fda9688eaf3a6a9e01a60f07b7bc99dd030485735c
e6c3b6feb38d27681b658abdcf4a0b477c68686e78c7b0794abe981dec40191b
e760cc70aa82d03ecbb3f7c1a228e2229dbaa94b232c230fcaee2ae2b4aa7e8a
e804997a1a22e8e896aec28860e1736d6eeb2bd1e82070dbdcf49e12ac88339c
eb01340cc23dd2186cc66114d51dbbbbd59e438dca7946e176e4d1aeaeb18eca
eb49762bac0f22b332fc93eb47e3e4799e052b05f07073b8be9f1616baf75162
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce
f05ff75243a02f8c87543c91edcf7f1dc98aef6aadc589d26b7eb4af4f7f3e67
f347fcfc50a2369431e1317fd620a222e26e33e775a3bc19d117dc015f0389e0
f41258b0ccd3fad1d2d22f40e2813f3ec3aae2dbdf542c645ee6c1098f915119
f4726e859dd2230293e1d3b48e9432dbb22afd5ee9672b5318258b53803c580f
f582a51e5a6cee62ddf9c8d2c66cef0b58ce4c7bd7b526b5cf4b4e0670ac44d1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5b6a6a13c2c781dceb0e23aa22f936b284b52b95ef6738b26b6eba31f0a8acc
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6f92669a837f44b873629979610dcdc6218ca64f967521d4a56cb4aadf686c8
f92c42bfaeab3de1543e24d3471b53398620ec2ed60bfa43b8d14d269fe9a0d7
fc77f9d7043a27d09c69df9857857bf57ccda2ba44a0cfb1c8ab4b3e7888925b
fc90b97c332ebea117c9304b72afcb165c336c08e9ab6db4a41bb71b54ba4f55
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fda780e892e784a43ed653fae1a67583e0a8221a258e72ca067e6ecb52cd706a