urlscan.io logo urlscan.io
SecurityTrails logo

zdorovia.com.ua Open in urlscan Pro
91.210.190.92  Public Scan

Go To Rescan Add Verdict Report
URL: http://zdorovia.com.ua/
Submission: On May 16 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 117 IPs in 22 countries across 115 domains to perform 704 HTTP transactions. The main IP is 91.210.190.92, located in Ukraine and belongs to AS-EKVIA, UA. The main domain is zdorovia.com.ua.
This is the only time zdorovia.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
56 91.210.190.92 48440 (AS-EKVIA)
1 2a00:1450:400... 15169 (GOOGLE)
16 2a03:90c0:41:... 199524 (GCORE)
2 104.18.2.81 13335 (CLOUDFLAR...)
2 4 88.212.201.204 39134 (UNITEDNET)
2 2a00:1450:400... 15169 (GOOGLE)
5 30 137.74.6.209 16276 (OVH)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 1 193.239.68.97 39468 (BIGMIR-IN...)
1 193.239.71.100 39468 (BIGMIR-IN...)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 1 2a00:1450:400... 15169 (GOOGLE)
3 14 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:401... 15169 (GOOGLE)
1 17 146.0.227.109 20773 (GODADDY)
13 146.0.227.107 20773 (GODADDY)
5 77.123.132.42 35680 (VOLIA)
2 2a06:8640:572... 55081 (24SHELLS)
2 193.200.65.6 6681 (GIVEME-CLOUD)
3 216.52.2.30 29791 (VOXEL-DOT...)
2 8.2.110.206 46636 (NATCOWEB)
7 15 104.36.113.35 62713 (AS-PUBMATIC)
17 38 172.217.16.130 15169 (GOOGLE)
7 7 185.64.189.110 62713 (AS-PUBMATIC)
1 1 199.115.119.227 30633 (LEASEWEB-...)
7 7 35.211.178.172 15169 (GOOGLE)
4 34.98.67.61 15169 (GOOGLE)
4 5 18.156.0.31 16509 (AMAZON-02)
2 4 185.184.8.90 204995 (RTB-HOUSE...)
8 10 2.20.157.55 16625 (AKAMAI-AS)
1 2 168.119.8.212 24940 (HETZNER-AS)
1 2 37.157.3.28 198622 (ADFORM)
3 2a02:2638::3 44788 (ASN-CRITE...)
6 51.89.9.252 16276 (OVH)
1 4 5.178.65.246 50673 (SERVERIUS-AS)
2 2 3.123.194.120 16509 (AMAZON-02)
2 62.149.0.36 15497 (COLOCALL ...)
2 8.2.110.114 46636 (NATCOWEB)
1 3 194.247.175.19 196831 (BEMOBILE-AS)
1 183.110.238.136 4766 (KIXS-AS-K...)
2 2 188.42.196.115 7979 (SERVERS-COM)
4 66.155.71.150 13768 (COGECO-PEER1)
3 9 35.186.253.211 15169 (GOOGLE)
7 17 52.71.149.243 14618 (AMAZON-AES)
6 5.178.65.253 50673 (SERVERIUS-AS)
3 7 162.55.236.225 24940 (HETZNER-AS)
8 10 37.252.172.45 29990 (ASN-APPNEX)
9 5.178.65.245 50673 (SERVERIUS-AS)
4 12 104.92.74.8 16625 (AKAMAI-AS)
6 92.122.147.28 16625 (AKAMAI-AS)
3 205.234.175.175 30081 (CACHENETW...)
18 2606:4700:10:... 13335 (CLOUDFLAR...)
77 2a00:1450:400... 15169 (GOOGLE)
2 3 35.227.248.159 15169 (GOOGLE)
4 6 37.157.6.241 198622 (ADFORM)
4 15.197.193.217 16509 (AMAZON-02)
1 2 2a04:4e42::300 54113 (FASTLY)
1 2600:1f18:659... 14618 (AMAZON-AES)
6 10 198.47.127.19 62713 (AS-PUBMATIC)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 52.212.211.89 16509 (AMAZON-02)
1 18.198.69.109 16509 (AMAZON-02)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
2 3 34.111.131.239 15169 (GOOGLE)
2 2 185.86.137.131 201081 (SMARTADSE...)
2 5 3.248.131.63 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 3.122.23.73 16509 (AMAZON-02)
2 34.248.96.95 16509 (AMAZON-02)
4 4 151.101.2.49 54113 (FASTLY)
1 108.157.4.112 16509 (AMAZON-02)
1 1 3.81.232.90 14618 (AMAZON-AES)
1 2 52.94.222.140 16509 (AMAZON-02)
2 3 69.192.160.219 16625 (AKAMAI-AS)
3 3 54.77.57.224 16509 (AMAZON-02)
1 67.202.105.34 32748 (STEADFAST)
2 2 23.88.75.186 24940 (HETZNER-AS)
1 21 23.227.139.243 55081 (24SHELLS)
2 2 54.74.45.231 16509 (AMAZON-02)
6 178.250.2.131 44788 (ASN-CRITE...)
4 69.173.144.139 26667 (RUBICONPR...)
1 1 23.108.101.160 59253 (LEASEWEB-...)
3 18.66.248.90 16509 (AMAZON-02)
3 2a02:6ea0:c70... 60068 (CDN77 ^_^)
25 2a00:1450:400... 15169 (GOOGLE)
3 51.158.28.83 12876 (Online SAS)
1 69.173.144.165 26667 (RUBICONPR...)
3 2600:9000:206... 16509 (AMAZON-02)
2 2 37.157.3.29 198622 (ADFORM)
4 4 103.229.205.242 30419 (MEDIAMATH...)
6 13 185.64.190.80 62713 (AS-PUBMATIC)
2 2 213.155.156.180 1299 (TWELVE99 ...)
1 2 178.250.2.151 44788 (ASN-CRITE...)
5 54.157.213.43 14618 (AMAZON-AES)
1 1 54.87.192.123 14618 (AMAZON-AES)
2 3 54.216.37.155 16509 (AMAZON-02)
1 72.251.241.204 29791 (VOXEL-DOT...)
1 5.161.54.172 213230 (HETZNER-C...)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 195.5.165.20 44968 (IPROM-AS)
1 1 141.94.101.34 16276 (OVH)
2 2 146.59.148.16 16276 (OVH)
1 2 52.213.127.205 16509 (AMAZON-02)
1 151.101.129.44 54113 (FASTLY)
2 2 213.19.147.44 3356 (LEVEL3)
2 8.28.7.84 62713 (AS-PUBMATIC)
1 1 51.79.83.225 16276 (OVH)
1 2 159.122.14.34 36351 (SOFTLAYER)
4 4 2620:116:800d... 16509 (AMAZON-02)
1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 35.211.141.197 19527 (GOOGLE-2)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 37.252.173.22 29990 (ASN-APPNEX)
3 4 69.173.144.138 26667 (RUBICONPR...)
3 142.250.184.226 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
52 2a00:1450:400... 15169 (GOOGLE)
1 13 18.157.192.56 16509 (AMAZON-02)
6 3.122.214.165 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
2 4 54.229.167.95 16509 (AMAZON-02)
2 54.246.237.93 16509 (AMAZON-02)
2 172.217.23.99 15169 (GOOGLE)
2 34.98.64.218 15169 (GOOGLE)
2 104.111.242.245 16625 (AKAMAI-AS)
40 2a00:1450:400... 15169 (GOOGLE)
5 2600:9000:214... 16509 (AMAZON-02)
30 2600:1f13:800... 16509 (AMAZON-02)
10 142.250.185.162 15169 (GOOGLE)
1 1 194.213.62.37 13036 (TMOBILE-)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 4 185.94.180.126 35220 (SPOTX-AMS)
4 4 18.193.50.241 16509 (AMAZON-02)
1 142.250.74.166 15169 (GOOGLE)
3 198.47.127.20 62713 (AS-PUBMATIC)
2 2 35.244.174.68 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 169.197.150.8 398989 (DEEPINTENT)
1 38.27.122.158 174 (COGENT-174)
2 2 18.158.204.100 16509 (AMAZON-02)
2 2 35.201.96.126 15169 (GOOGLE)
1 103.231.98.208 62713 (AS-PUBMATIC)
1 2 77.243.60.138 42697 (NETIC-AS)
1 52.215.230.177 16509 (AMAZON-02)
1 1 34.199.172.6 14618 (AMAZON-AES)
1 1 34.111.129.221 15169 (GOOGLE)
2 2 3.124.13.195 16509 (AMAZON-02)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
1 178.250.0.157 44788 (ASN-CRITE...)
1 216.58.212.146 ()
1 2a00:1450:400... ()
704 117
56    91.210.190.92 (Ukraine)

ASN48440 (AS-EKVIA, UA)
PTR: internetmedia.ua
zdorovia.com.ua
nashamama.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
16    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
scripts.go2net.com.ua
cdn.admixer.net
2    104.18.2.81 (None, )

ASN13335 (CLOUDFLARENET, US)
i.i.ua
r.i.ua
4    88.212.201.204 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru
counter.yadro.ru
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
30    137.74.6.209 (Warsaw, Poland)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-02.adpartner.pro
a4p.adpartner.pro
3    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net
c.bigmir.net
1    193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua
i.bigmir.net
1    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net
1    2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
14    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4014:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.co.uk
17    146.0.227.109 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
13    146.0.227.107 (Ascension Island)

ASN20773 (GODADDY, DE)
ads.go2net.com.ua
5    77.123.132.42 (Kyiv, Ukraine)

ASN35680 (VOLIA, UA)
PTR: 42.132.123.77.colo.static.dcvolia.com
file.adpartner.pro
2    2a06:8640:572:0:ec4:7aff:fecf:c440 (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.adtelligent.com
2    193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team
m.trafmag.com
3    216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    8.2.110.206 (United States)

ASN46636 (NATCOWEB, US)
cs.mobfox.com
15    104.36.113.35 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
38    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
cm.g.doubleclick.net
7    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    199.115.119.227 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.lemmatechnologies.com
7    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
4    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
5    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
10    2.20.157.55 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-55.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
2    168.119.8.212 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.212.8.119.168.clients.your-server.de
exchange.buzzoola.com
2    37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
3    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
6    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
4    5.178.65.246 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
2    3.123.194.120 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-194-120.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
2    62.149.0.36 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: cc86365-05.cc.colocall.com
s.console.adtarget.com.tr
2    8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
3    194.247.175.19 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
pa.tns-ua.com
1    183.110.238.136 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)
idsync.admixer.co.kr
2    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
4    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
pixel-sync.sitescout.com
9    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
17    52.71.149.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-149-243.compute-1.amazonaws.com
a.audrte.com
6    5.178.65.253 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
7    162.55.236.225 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.225.236.55.162.clients.your-server.de
sync.richaudience.com
10    37.252.172.45 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
9    5.178.65.245 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
u-ams02.e-planning.net
12    104.92.74.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
6    92.122.147.28 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-147-28.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    205.234.175.175 (Leesburg, United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
18    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
77    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
6    37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
4    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f18:6593:f602:96e:5500:bf36:df5c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
10    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2a05:d018:24:b002:7f8c:c578:a60f:a080 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    52.212.211.89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-211-89.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loadeu.exelator.com
2    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    34.111.131.239 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
2    185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
5    3.248.131.63 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-131-63.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    3.122.23.73 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-23-73.eu-central-1.compute.amazonaws.com
aa.agkn.com
2    34.248.96.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-96-95.eu-west-1.compute.amazonaws.com
beacon.krxd.net
4    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    108.157.4.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-112.dus51.r.cloudfront.net
engine.widespace.com
1    3.81.232.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-81-232-90.compute-1.amazonaws.com
usermatch.krxd.net
2    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
tags.bluekai.com
e.dlx.addthis.com
3    54.77.57.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-57-224.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
1    67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net
ic.tynt.com
2    23.88.75.186 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.186.75.88.23.clients.your-server.de
csync.loopme.me
21    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.adtelligent.com
sync.spotim.market
sync.console.adtarget.com.tr
2    54.74.45.231 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-45-231.eu-west-1.compute.amazonaws.com
ad.360yield.com
6    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    23.108.101.160 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
b1h-apac1.zemanta.com
3    18.66.248.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-90.dus51.r.cloudfront.net
tags.crwdcntrl.net
3    2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
25    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.co.uk
3    51.158.28.83 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-28-83.rev.poneytelecom.eu
js.cookieless-data.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
3    2600:9000:206f:8400:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
2    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
track.adform.net
4    103.229.205.242 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
13    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    213.155.156.180 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-180.teliacarrier-cust.com
d5p.de17a.com
2    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
5    54.157.213.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-213-43.compute-1.amazonaws.com
cs.yellowblue.io
1    54.87.192.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-192-123.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    54.216.37.155 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-37-155.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    72.251.241.204 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    5.161.54.172 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.172.54.161.5.clients.your-server.de
matching.truffle.bid
2    2606:4700:4400::6812:230b (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    141.94.101.34 (France)

ASN16276 (OVH, FR)
PTR: bixel-4.cloudy.ovh
green.erne.co
2    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh
pixel-eu.onaudience.com
2    52.213.127.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
1    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
2    213.19.147.44 (Utrecht, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
2    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    51.79.83.225 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-2.cloudy.ovh
pixel.onaudience.com
2    159.122.14.34 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com
um.simpli.fi
4    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
cms.quantserve.com
1    2a05:d018:d29:3601:c13b:f765:4942:677a (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    35.211.141.197 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 197.141.211.35.bc.googleusercontent.com
m.fg8dgt.com
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
partner.googleadservices.com
3    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
6    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
52    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
13    18.157.192.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-192-56.eu-central-1.compute.amazonaws.com
ih.adscale.de
6    3.122.214.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
ps.eyeota.net
10    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    54.229.167.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
2    54.246.237.93 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-237-93.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
2    172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f99.1e100.net
p4-glvpu23wciors-idpfrs6p3ci7rs7w-if-v6exp3-v4.metric.gstatic.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
40    2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
5    2600:9000:214f:a600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
30    2600:1f13:800:7780:6e08:b1b7:7be2:2f21 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
10    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
googleads4.g.doubleclick.net
1    194.213.62.37 (Novy Jicin, Czech Republic)

ASN13036 (TMOBILE-, CZ)
PTR: bbnautid4.ibillboard.com
bbnaut.ibillboard.com
1    2a02:26f0:3500:11::215:14cb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
4    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
4    18.193.50.241 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-50-241.eu-central-1.compute.amazonaws.com
pixel.advertising.com
1    142.250.74.166 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s12-in-f6.1e100.net
ad.doubleclick.net
3    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
3    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    38.27.122.158 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
2    18.158.204.100 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-204-100.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    103.231.98.208 (Japan)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    52.215.230.177 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-230-177.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
1    34.199.172.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-172-6.compute-1.amazonaws.com
sync.ipredictive.com
1    34.111.129.221 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
2    3.124.13.195 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-13-195.eu-central-1.compute.amazonaws.com
tracking.m6r.eu
tracking-a.dsp.m6r.eu
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    216.58.212.146 (None, )

ASN- ()
p4-glvpu23wciors-idpfrs6p3ci7rs7w-259981-i1-v6exp3.v4.metric.gstatic.com
1    2a00:1450:4001:80e::2012 (None, )

ASN- ()
p4-glvpu23wciors-idpfrs6p3ci7rs7w-259981-i2-v6exp3.ds.metric.gstatic.com
Apex Domain
Subdomains		 Transfer
129 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 95
tpc.googlesyndication.com — Cisco Umbrella Rank: 130
2 MB
72 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 92
cm.g.doubleclick.net — Cisco Umbrella Rank: 212
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 284
ad.doubleclick.net — Cisco Umbrella Rank: 202
275 KB
57 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 609
image2.pubmatic.com — Cisco Umbrella Rank: 932
ads.pubmatic.com — Cisco Umbrella Rank: 439
image6.pubmatic.com — Cisco Umbrella Rank: 612
simage2.pubmatic.com — Cisco Umbrella Rank: 606
image4.pubmatic.com — Cisco Umbrella Rank: 875
simage4.pubmatic.com — Cisco Umbrella Rank: 1170
aud.pubmatic.com — Cisco Umbrella Rank: 4537
63 KB
53 zdorovia.com.ua
zdorovia.com.ua
1 MB
41 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 805
pixel.adsafeprotected.com — Cisco Umbrella Rank: 548
static.adsafeprotected.com — Cisco Umbrella Rank: 552
dt.adsafeprotected.com — Cisco Umbrella Rank: 504
288 KB
40 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 264
1 MB
35 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 8026
file.adpartner.pro — Cisco Umbrella Rank: 277204
61 KB
23 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 44664
inv-nets.admixer.net — Cisco Umbrella Rank: 2358
103 KB
23 go2net.com.ua
scripts.go2net.com.ua — Cisco Umbrella Rank: 934860
ads.go2net.com.ua — Cisco Umbrella Rank: 295546
315 KB
22 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 5502
s.e-planning.net — Cisco Umbrella Rank: 7084
u-ams02.e-planning.net — Cisco Umbrella Rank: 66464
i.e-planning.net — Cisco Umbrella Rank: 7160
10 KB
21 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1146
eus.rubiconproject.com — Cisco Umbrella Rank: 556
token.rubiconproject.com — Cisco Umbrella Rank: 692
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2479
pixel.rubiconproject.com — Cisco Umbrella Rank: 354
44 KB
20 google.com
www.google.com — Cisco Umbrella Rank: 7
adservice.google.com — Cisco Umbrella Rank: 74
5 KB
18 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1764
mwzeom.zeotap.com — Cisco Umbrella Rank: 1486
6 KB
17 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2430
19 KB
16 adscale.de
js.adscale.de — Cisco Umbrella Rank: 7301
ih.adscale.de — Cisco Umbrella Rank: 5643
16 KB
13 adtelligent.com
s.adtelligent.com — Cisco Umbrella Rank: 6907
sync.adtelligent.com — Cisco Umbrella Rank: 4112
7 KB
11 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 763
dis.criteo.com — Cisco Umbrella Rank: 725
gum.criteo.com — Cisco Umbrella Rank: 393
mug.criteo.com — Cisco Umbrella Rank: 2669
9 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 240
secure.adnxs.com — Cisco Umbrella Rank: 424
9 KB
11 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1524
us-u.openx.net — Cisco Umbrella Rank: 399
1 KB
10 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 175
325 KB
10 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 891
tags.crwdcntrl.net — Cisco Umbrella Rank: 1570
sync.crwdcntrl.net — Cisco Umbrella Rank: 721
37 KB
10 adform.net
adx.adform.net — Cisco Umbrella Rank: 4019
dmp.adform.net — Cisco Umbrella Rank: 2468
cm.adform.net — Cisco Umbrella Rank: 2172
c1.adform.net — Cisco Umbrella Rank: 571
track.adform.net — Cisco Umbrella Rank: 3865
4 KB
10 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 530
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 557
ssum.casalemedia.com — Cisco Umbrella Rank: 1323
9 KB
9 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 5436
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 5881
4 KB
7 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1625
1 KB
7 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 297
cms.analytics.yahoo.com — Cisco Umbrella Rank: 880
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 485
3 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
4 KB
7 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 3062
adservice.google.co.uk — Cisco Umbrella Rank: 4630
2 KB
6 gstatic.com
p4-glvpu23wciors-idpfrs6p3ci7rs7w-if-v6exp3-v4.metric.gstatic.com
fonts.gstatic.com
p4-glvpu23wciors-idpfrs6p3ci7rs7w-259981-i1-v6exp3.v4.metric.gstatic.com
p4-glvpu23wciors-idpfrs6p3ci7rs7w-259981-i2-v6exp3.ds.metric.gstatic.com
50 KB
6 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 904
5 KB
6 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 809
5 KB
5 yellowblue.io
cs.yellowblue.io — Cisco Umbrella Rank: 6186
1 KB
4 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 435
1 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 518
2 KB
4 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 427
cms.quantserve.com — Cisco Umbrella Rank: 1128
2 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 444
2 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 572
1 KB
4 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 31762
cr.frontend.weborama.fr — Cisco Umbrella Rank: 21431
1 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 338
1 KB
4 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3501
pixel-sync.sitescout.com — Cisco Umbrella Rank: 594
764 B
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 690
1 KB
4 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 947
584 B
4 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 8141
3 KB
4 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 295
fonts.googleapis.com — Cisco Umbrella Rank: 46
32 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 789
970 B
3 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 13702
pixel.onaudience.com — Cisco Umbrella Rank: 3281
1 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 466
2 KB
3 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 6854
2 KB
3 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 5558
52 KB
3 spotim.market
sync.spotim.market — Cisco Umbrella Rank: 2660
1 KB
3 imrworldwide.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com — Cisco Umbrella Rank: 49788
643 B
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 472
usermatch.krxd.net — Cisco Umbrella Rank: 1256
943 B
3 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 679
match.taboola.com — Cisco Umbrella Rank: 2142
590 B
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 437
769 B
3 tns-ua.com
pa.tns-ua.com — Cisco Umbrella Rank: 138584
643 B
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 621
40 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 615
831 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
37 KB
3 nashamama.com
nashamama.com
40 KB
2 m6r.eu
tracking.m6r.eu — Cisco Umbrella Rank: 13455
tracking-a.dsp.m6r.eu — Cisco Umbrella Rank: 867287
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1171
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 4218
625 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 887
1 KB
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 598
577 B
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1755
1 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1040
344 B
2 fg8dgt.com
m.fg8dgt.com — Cisco Umbrella Rank: 4604
774 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 826
1 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 520
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 818
s.tribalfusion.com — Cisco Umbrella Rank: 2566
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5262
637 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 646
657 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 884
395 B
2 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1187
1 KB
2 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1477
1 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1574
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 214
2 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1141
792 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1895
1 KB
2 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 4483
258 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 858
1 KB
2 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 20856
543 B
2 mobfox.com
cs.mobfox.com — Cisco Umbrella Rank: 12807
1020 B
2 trafmag.com
m.trafmag.com — Cisco Umbrella Rank: 133224
702 B
2 bigmir.net
c.bigmir.net — Cisco Umbrella Rank: 134956
i.bigmir.net — Cisco Umbrella Rank: 269925
1 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 91
52 KB
2 i.ua
i.i.ua — Cisco Umbrella Rank: 540679
r.i.ua — Cisco Umbrella Rank: 172336
4 KB
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1042
522 B
1 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1176
209 B
1 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 1553
114 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 857
44 B
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1429
48 KB
1 ibillboard.com
bbnaut.ibillboard.com — Cisco Umbrella Rank: 18966
550 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3757
462 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3207
104 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 755
518 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2528
534 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 16159
366 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5811
282 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6228
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1468
408 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 813
613 B
1 zemanta.com
b1h-apac1.zemanta.com — Cisco Umbrella Rank: 10650
326 B
1 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 4602
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 458
225 B
1 widespace.com
engine.widespace.com — Cisco Umbrella Rank: 67462
207 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 441
387 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7335
324 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 12219
411 B
1 admixer.co.kr
idsync.admixer.co.kr — Cisco Umbrella Rank: 26854
904 B
1 lemmatechnologies.com
sync.lemmatechnologies.com — Cisco Umbrella Rank: 4175
459 B
1 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 599
5 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
9 KB
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
0 atdmt.com Failed
ad.atdmt.com Failed
704 115
Domain Requested by
77 pagead2.googlesyndication.com scripts.go2net.com.ua
file.adpartner.pro
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
zdorovia.com.ua
ad.doubleclick.net
www.googletagservices.com
s0.2mdn.net
53 zdorovia.com.ua zdorovia.com.ua
52 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
zdorovia.com.ua
s0.2mdn.net
40 s0.2mdn.net zdorovia.com.ua
s0.2mdn.net
38 cm.g.doubleclick.net 17 redirects spl.zeotap.com
googleads.g.doubleclick.net
30 dt.adsafeprotected.com googleads.g.doubleclick.net
zdorovia.com.ua
30 a4p.adpartner.pro 5 redirects zdorovia.com.ua
a4p.adpartner.pro
22 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
17 a.audrte.com 7 redirects ads.us.e-planning.net
a.audrte.com
s.adtelligent.com
zdorovia.com.ua
17 inv-nets.admixer.net 1 redirects scripts.go2net.com.ua
zdorovia.com.ua
ads.us.e-planning.net
15 mwzeom.zeotap.com spl.zeotap.com
s.adtelligent.com
15 image8.pubmatic.com 7 redirects zdorovia.com.ua
ads.pubmatic.com
14 www.google.com 3 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
13 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
13 simage2.pubmatic.com 6 redirects ads.pubmatic.com
s.adtelligent.com
13 ads.go2net.com.ua scripts.go2net.com.ua
zdorovia.com.ua
11 sync.adtelligent.com 1 redirects s.adtelligent.com
ads.us.e-planning.net
ads.pubmatic.com
10 googleads4.g.doubleclick.net zdorovia.com.ua
10 www.googletagservices.com googleads.g.doubleclick.net
fw.adsafeprotected.com
s0.2mdn.net
10 image6.pubmatic.com 6 redirects ads.pubmatic.com
10 ib.adnxs.com 8 redirects spl.zeotap.com
googleads.g.doubleclick.net
10 scripts.go2net.com.ua zdorovia.com.ua
scripts.go2net.com.ua
9 u-ams02.e-planning.net ads.us.e-planning.net
ads.pubmatic.com
vid.vidoomy.com
9 rtb.openx.net 3 redirects ads.us.e-planning.net
googleads.g.doubleclick.net
8 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
s.adtelligent.com
7 sync.console.adtarget.com.tr s.console.adtarget.com.tr
js.adscale.de
7 sync.richaudience.com 3 redirects ads.us.e-planning.net
spl.zeotap.com
7 x.bidswitch.net 7 redirects
7 image2.pubmatic.com 7 redirects
6 ps.eyeota.net s.adtelligent.com
zdorovia.com.ua
6 adservice.google.com pagead2.googlesyndication.com
6 adservice.google.co.uk pagead2.googlesyndication.com
6 bidder.criteo.com static.criteo.net
6 ads.pubmatic.com ads.us.e-planning.net
s.adtelligent.com
ads.pubmatic.com
6 s.e-planning.net ads.us.e-planning.net
6 onetag-sys.com ads.go2net.com.ua
ads.us.e-planning.net
s.adtelligent.com
6 ssum-sec.casalemedia.com 6 redirects
6 cdn.admixer.net zdorovia.com.ua
scripts.go2net.com.ua
cdn.admixer.net
5 static.adsafeprotected.com googleads.g.doubleclick.net
pixel.adsafeprotected.com
5 cs.yellowblue.io ads.pubmatic.com
5 bcp.crwdcntrl.net 2 redirects tags.crwdcntrl.net
5 ups.analytics.yahoo.com 4 redirects googleads.g.doubleclick.net
5 file.adpartner.pro zdorovia.com.ua
a4p.adpartner.pro
4 pixel.advertising.com 4 redirects
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 fw.adsafeprotected.com 2 redirects googleads.g.doubleclick.net
zdorovia.com.ua
4 pixel.rubiconproject.com 3 redirects eus.rubiconproject.com
4 sync.mathtag.com 4 redirects
4 token.rubiconproject.com eus.rubiconproject.com
4 sync-tm.everesttech.net 4 redirects
4 match.adsrvr.org spl.zeotap.com
ads.pubmatic.com
4 dmp.adform.net 3 redirects spl.zeotap.com
4 secure-assets.rubiconproject.com 4 redirects
4 ads.us.e-planning.net 1 redirects ads.go2net.com.ua
s.adtelligent.com
4 creativecdn.com 2 redirects zdorovia.com.ua
scripts.go2net.com.ua
4 odr.mookie1.com zdorovia.com.ua
spl.zeotap.com
googleads.g.doubleclick.net
4 counter.yadro.ru 2 redirects zdorovia.com.ua
3 fonts.googleapis.com s0.2mdn.net
3 simage4.pubmatic.com ads.pubmatic.com
3 cms.quantserve.com 3 redirects
3 dsum-sec.casalemedia.com 1 redirects googleads.g.doubleclick.net
3 partner.googleadservices.com pagead2.googlesyndication.com
3 match.prod.bidr.io 2 redirects ads.pubmatic.com
3 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
3 js.cookieless-data.com s.e-planning.net
3 vid.vidoomy.com ads.us.e-planning.net
3 tags.crwdcntrl.net s.e-planning.net
3 sync.spotim.market s.adtelligent.com
3 obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com 3 redirects
3 idsync.frontend.weborama.fr 2 redirects s.adtelligent.com
3 pixel.tapad.com 2 redirects spl.zeotap.com
3 spl.zeotap.com ads.us.e-planning.net
3 i.e-planning.net ads.us.e-planning.net
3 pixel.sitescout.com ads.us.e-planning.net
3 pa.tns-ua.com 1 redirects zdorovia.com.ua
scripts.go2net.com.ua
3 static.criteo.net scripts.go2net.com.ua
zdorovia.com.ua
3 ap.lijit.com zdorovia.com.ua
s.adtelligent.com
3 www.google-analytics.com 1 redirects zdorovia.com.ua
a4p.adpartner.pro
3 nashamama.com zdorovia.com.ua
2 gum.criteo.com 1 redirects static.criteo.net
2 uipglob.semasio.net 1 redirects s.adtelligent.com
2 visitor.fiftyt.com 2 redirects
2 pm.w55c.net 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 id.rlcdn.com 2 redirects
2 e.dlx.addthis.com 2 redirects
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 p4-glvpu23wciors-idpfrs6p3ci7rs7w-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-glvpu23wciors-idpfrs6p3ci7rs7w-if-v6exp3-v4.metric.gstatic.com
2 pixel.adsafeprotected.com googleads.g.doubleclick.net
2 m.fg8dgt.com 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 sync.1rx.io 2 redirects
2 sync.crwdcntrl.net 1 redirects s.adtelligent.com
2 pixel-eu.onaudience.com 2 redirects
2 dis.criteo.com 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 c1.adform.net 1 redirects ads.pubmatic.com
2 ad.360yield.com 2 redirects
2 csync.loopme.me 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects spl.zeotap.com
2 beacon.krxd.net spl.zeotap.com
2 sync.smartadserver.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 trc.taboola.com 1 redirects spl.zeotap.com
2 ads.betweendigital.com 2 redirects
2 us.ck-ie.com zdorovia.com.ua
2 s.console.adtarget.com.tr zdorovia.com.ua
s.adtelligent.com
2 rtb.mfadsrvr.com 2 redirects
2 adx.adform.net 1 redirects zdorovia.com.ua
2 exchange.buzzoola.com 1 redirects zdorovia.com.ua
2 cs.mobfox.com zdorovia.com.ua
scripts.go2net.com.ua
2 m.trafmag.com zdorovia.com.ua
2 s.adtelligent.com inv-nets.admixer.net
s.adtelligent.com
2 www.youtube.com zdorovia.com.ua
www.youtube.com
1 p4-glvpu23wciors-idpfrs6p3ci7rs7w-259981-i2-v6exp3.ds.metric.gstatic.com
1 p4-glvpu23wciors-idpfrs6p3ci7rs7w-259981-i1-v6exp3.v4.metric.gstatic.com
1 mug.criteo.com
1 tracking-a.dsp.m6r.eu 1 redirects
1 tracking.m6r.eu 1 redirects
1 track.adform.net 1 redirects
1 cr.frontend.weborama.fr 1 redirects
1 sync.ipredictive.com 1 redirects
1 rtb.gumgum.com s.adtelligent.com
1 aud.pubmatic.com s.adtelligent.com
1 match.bnmla.com ads.pubmatic.com
1 match.deepintent.com ads.pubmatic.com
1 ssum.casalemedia.com 1 redirects
1 ad.doubleclick.net www.googletagservices.com
1 code.createjs.com s0.2mdn.net
1 bbnaut.ibillboard.com 1 redirects
1 pixel-sync.sitescout.com ads.pubmatic.com
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 pixel.quantserve.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 match.taboola.com ads.pubmatic.com
1 green.erne.co 1 redirects
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 cm.adform.net 1 redirects
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 b1h-apac1.zemanta.com 1 redirects
1 ic.tynt.com s.adtelligent.com
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 engine.widespace.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 idsync.admixer.co.kr zdorovia.com.ua
1 sync.lemmatechnologies.com 1 redirects
1 www.google.co.uk zdorovia.com.ua
1 stats.g.doubleclick.net 1 redirects
1 static.xx.fbcdn.net www.facebook.com
1 i.bigmir.net zdorovia.com.ua
1 c.bigmir.net 1 redirects
1 www.facebook.com zdorovia.com.ua
1 r.i.ua zdorovia.com.ua
1 i.i.ua zdorovia.com.ua
1 ajax.googleapis.com zdorovia.com.ua
0 googlecm.hit.gemius.pl Failed googleads.g.doubleclick.net
0 ad.atdmt.com Failed googleads.g.doubleclick.net
704 175

This site contains links to these domains. Also see Links.

Domain
vk.com
www.facebook.com
twitter.com
www.bigmir.net
www.i.ua
www.liveinternet.ru
Subject Issuer Validity Valid
*.go2net.com.ua
Sectigo RSA Domain Validation Secure Server CA		 2021-11-15 -
2022-12-05		 a year crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA		 2021-06-08 -
2022-06-21		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-02-22 -
2022-05-23		 3 months crt.sh
adpartner.pro
R3		 2022-03-31 -
2022-06-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-04-02 -
2022-07-01		 3 months crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2021-06-10 -
2022-06-22		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-03-11 -
2023-04-12		 a year crt.sh
*.mobfox.com
R3		 2022-03-31 -
2022-06-29		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-13		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
ads.us.e-planning.net
R3		 2022-05-04 -
2022-08-02		 3 months crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-03-29 -
2022-06-27		 3 months crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2021-11-12 -
2022-12-14		 a year crt.sh
*.admixer.co.kr
GeoTrust RSA CA 2018		 2022-04-29 -
2023-05-01		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.audrte.com
Amazon		 2022-02-24 -
2023-03-24		 a year crt.sh
*.e-planning.net
R3		 2022-03-09 -
2022-06-07		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2022-02-23 -
2023-02-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
widespace.com
Amazon		 2022-02-23 -
2023-03-24		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-03-30 -
2022-06-28		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
sync.spotim.market
R3		 2022-03-30 -
2022-06-28		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-06 -
2022-09-05		 a year crt.sh
*.cookieless-data.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-23 -
2023-03-22		 a year crt.sh
sync.console.adtarget.com.tr
R3		 2022-03-28 -
2022-06-26		 3 months crt.sh
*.adscale.de
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
juke.mmi.tns-ua.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.yellowblue.io
Amazon		 2022-04-23 -
2023-05-22		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
truffle.bid
R3		 2022-04-16 -
2022-07-15		 3 months crt.sh
*.iprom.net
R3		 2022-03-24 -
2022-06-22		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.eyeota.net
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
teads.tv
R3		 2022-03-23 -
2022-06-21		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-11-19 -
2022-12-18		 a year crt.sh
tls.adobe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-29 -
2023-05-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.v4.metric.gstatic.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.ds.metric.gstatic.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh

This page contains 154 frames:

Primary Page: http://zdorovia.com.ua/
Frame ID: 988074519AE654E670AB261587569528
Requests: 134 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Frame ID: AB679A28E0622764C3D27C4E88D945A7
Requests: 2 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/45890/c.html?b=45890
Frame ID: D9D19AB7D3E6FC0DACEAE88034073905
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/45890/c.html?b=45890
Frame ID: 2AA79621F960E5B27E204B0684521493
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Frame ID: E3601EA077C28F7421A10B862CB07F92
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=2156640030855472&apuid=994efe04-d65e-470d-805e-cbccac7770d7&session_pageview=1&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 5D29717EAA8A375312F5CE8DF07D1799
Requests: 3 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522994efe04-d65e-470d-805e-cbccac7770d7%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%2522bca0a493-1a2c-4e8f-8b0a-59f644495689%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522bca0a493-1a2c-4e8f-8b0a-59f644495689%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Frame ID: 4ED2C3A57A17239EF79861D29CF83C50
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=707176
Frame ID: E1097989476B6885FCAFFDD6E4EDDC66
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: B8D453C98F182DCD98668A65CCFFD39D
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: FCBB751734211535AD8826E96324E6DD
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: A417ADFE51F92D1A4442A16B158B61DD
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Frame ID: 1020B6EC180D0835904326179D78FD0B
Requests: 21 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 98B73114C23F212803E82CF4223F23B3
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: E9E7747C58CD2C037C685498AE63A6A3
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: F155EE4D217B2C0FD5FB064568D6ADD7
Requests: 28 HTTP requests in this frame

Frame: https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_2156640030855472&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2Fbca0a493-1a2c-4e8f-8b0a-59f644495689%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D486e82fc55875f6ef7eba2b7e6177931
Frame ID: F43FA5731AAA9BEF4EC2851F66ECD983
Requests: 9 HTTP requests in this frame

Frame: https://scripts.go2net.com.ua/scripts3/loader2.js
Frame ID: 40388C8FD174EE90CC75CC6C368527F9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 4217ED6784FFBCA7EBBB9F96E49F0B72
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 5E07884AC3039E2BCDEAE957EF5C0ACB
Requests: 8 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Frame ID: 35D46741F337AA11232270A3D30C92D0
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522994efe04-d65e-470d-805e-cbccac7770d7%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%2522bca0a493-1a2c-4e8f-8b0a-59f644495689%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522bca0a493-1a2c-4e8f-8b0a-59f644495689%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Frame ID: ADE1E3F0E1B854E8AD3986B28F1275D0
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522994efe04-d65e-470d-805e-cbccac7770d7%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%2522bca0a493-1a2c-4e8f-8b0a-59f644495689%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522bca0a493-1a2c-4e8f-8b0a-59f644495689%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Frame ID: 2AF8F95CA8AF58D409F0AE9B7553FEE9
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 73AC2C352DA17B5C550785D246B1B245
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: FBB1ECB65754F9C56B34FD0BC1265984
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=748067
Frame ID: 1754A057F76A0914B9EA390321EAD0EF
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=c6bafb1f-6ba7-4d43-9af3-13d6ddfda193
Frame ID: 1076B27439EBE23F9B2B0EA959CA1C4D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: C5FAB70CC0D2590EB6DB63BA7228B941
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 911BB55BF1509FAEFC600F5AE007827F
Requests: 12 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 3E44DFB4F47987A6D261249F363E8E0F
Requests: 5 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/45890/c.html?b=45890
Frame ID: 7F8140D79531EAEF14FD7A736C0CB41E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 78537EEABF58D77EDB508894CB833F3B
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc34d5ca477eefed6%26uid%3D
Frame ID: 2867113E5D4F44025CE69E0500E4CB8E
Requests: 9 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 6C57935BCF3ED7E28ED863695A4C06AC
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 0647447B3880654EBF59756E15332B28
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: F2072A3AED661754F54E1A140D4ADA4A
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: 80A7A399D3DC2D67C5A4448CBBA18954
Requests: 4 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=4344810612192819393
Frame ID: C37B47AC2A61A2549F2C8763D35C280D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 0C06BF1BBB2D8706281A6412A5247210
Requests: 5 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: C5B7D0E747525529DC952531F6784FAC
Requests: 8 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: FD8A08873267171D9F5A078AFF20AD10
Requests: 2 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=3ab023ac29ea5990&fi=269f09d876621f44&uid=35729a05fbebab732090e971c6ffcae3
Frame ID: A0C326A9134A6AB701D2C1887816B5BD
Requests: 2 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AMYyWws39%2fHFeX7f
Frame ID: 95B5DDA4EC733DF9219AF64D9F73871B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20190131/zrt_lookup.html
Frame ID: 8121802538F288D11E0F882C1A48E374
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/45890/c.html?b=45890
Frame ID: 5D9F239A7E695BF061DBE1B64FAE6099
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=2&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: E12276032FEDDC66A4B045CFB2C9CDE9
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=994efe04-d65e-470d-805e-cbccac7770d7&session_pageview=2&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 78891C2C3860887824D2AA1A46EFAD30
Requests: 2 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 892256E4DDDCA760DCD5648EEA5626D2
Requests: 2 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=3ab023ac29ea5990&fi=c34d5ca477eefed6&uid=2d06b99d11404135cc92d15e3736930a
Frame ID: A4A8F60317B07CDA66D8A6DFEF34D53D
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AMYyWws39%2fHFeX7f
Frame ID: F0F1B47D584D480755C23AEEFE3BDE81
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=2SXOMgqSDrAZrWTYIox1&pi=admatic
Frame ID: A947614EBC40A6FC6CD1DB364FE17E77
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: D8C28EB6744F146636F3CE25791A1436
Requests: 5 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=8624539296363438648
Frame ID: F557FCC1248CE135897FB5028A721181
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: 72E4DB0F5DB7B7A7624D6261810A8576
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Frame ID: CAEF60175D02FD835692E5BB472B24B3
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Frame ID: AB56C0189478A0FFED3D60AE7620ECCD
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Frame ID: BBDFCC3B41F4097BC0CCB85F536BF91E
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: FA369C52464A701AC8B899E5D11C91F3
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: FD01F6D0D7A55719FB86D0F4DB535007
Requests: 12 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7
Frame ID: B675F901C9B611676B94A4E41938D270
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:feab6281-d7ec-4a00-aa6a-45a1ef2c8ea1&gdpr=0&gdpr_consent=
Frame ID: 5260722D1572C0275FD7DD7623AE4870
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 3BA3148ED7890E86DD751CFC4ED35484
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: B575E99E343AFC44A9102B86451570ED
Requests: 1 HTTP requests in this frame

Frame: https://cs.yellowblue.io/cs?aid=11576&id=6deaa01ea694467c91fb456d0d463654
Frame ID: 23F1DA4A8A84CFEE11C724859CB25AF2
Requests: 1 HTTP requests in this frame

Frame: https://cs.yellowblue.io/cs?aid=11576&id=6deaa01ea694467c91fb456d0d463654
Frame ID: 72B02A9E4A14D255FE19BC56D9D941B4
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 800E1B7931DBCD619D1035BD3F7AE53A
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 1C741B7B329D540A5D31EB4089DA9787
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 0635CE23AA503E482E1F74F150ABFBF4
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: C40941D4A02D669969CC2A5CF91B98EF
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 7C94520D02DA8CDF2AFE9A81EB10760A
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: DAA1D75AB371DA972828874C53FB28ED
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: CEC2C527C16E98C1C6BA7A73F6F73832
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: CAEDF9838024B2B0FD642D9AA096830A
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=9eecce3d-9882-4979-9567-12ddfa01473d-tuct97b5d6b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: C75DE86F35359A66BC55930D6990FEC9
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3384703968
Frame ID: 1EC5522B5D335E12641D1689997A70A0
Requests: 1 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=269f09d876621f44&uid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7
Frame ID: 80A1414DD722CDDE49B5A446B3639417
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Frame ID: C11807CEB65868D2E640784CC1F98707
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=600&slotname=adpartner_zdorovia.com.ua_160x600_br_1&adk=2150435033&adf=2429112158&pi=t.ma~as.adpartner_zdorovia._&w=160&lmt=1638531503&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2156640030855472%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fbca0a493-1a2c-4e8f-8b0a-59f644495689%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D486e82fc55875f6ef7eba2b7e6177931&wgl=1&dt=1652676587370&bpp=13&bdt=243&idt=419&shv=r20220511&mjsv=m202205120101&ptt=5&saldr=sa&correlator=1535374352917&frm=22&ife=1&pv=2&ga_vid=883222644.1652676588&ga_sid=1652676588&ga_hid=1411087344&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=476710922&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067585%2C31067419&oid=2&pvsid=2808109351545938&pem=84&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.x8z9yepno39q&fsb=1&xpc=hSQ3CGx1w3&p=https%3A//file.adpartner.pro&dtd=436
Frame ID: E1EEF3B7E8434D1F9D4C999A5CAFF963
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1652676587&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1652676587486&bpp=3&bdt=383&idt=332&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=600936410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531549%2C44761043%2C31067544&oid=2&pvsid=904108839873201&pem=550&tmod=454237783&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.rx77fngd0mf9&fsb=1&dtd=346
Frame ID: 892B43374895AA3B6769E1737B5B1F46
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=600&slotname=adpartner_zdorovia.com.ua_160x600_br_2&adk=4043599776&adf=1045958785&pi=t.ma~as.adpartner_zdorovia._&w=160&lmt=1638531503&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2156640030855472%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fbca0a493-1a2c-4e8f-8b0a-59f644495689%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D486e82fc55875f6ef7eba2b7e6177931&wgl=1&dt=1652676587405&bpp=3&bdt=278&idt=468&shv=r20220511&mjsv=m202205120101&ptt=5&saldr=sa&prev_slotnames=adpartner_zdorovia.com.ua_160x600_br_1&correlator=1535374352917&frm=22&ife=1&pv=1&ga_vid=883222644.1652676588&ga_sid=1652676588&ga_hid=1411087344&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=476710922&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067585%2C31067419&oid=2&pvsid=2808109351545938&pem=84&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.6i1u7n1h3s4w&fsb=1&xpc=2Q20IaPrbo&p=https%3A//file.adpartner.pro&dtd=476
Frame ID: 1A61F630A9517C98949F117587DC78DB
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 83C020347B5A374F44E87402FB160348
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc34d5ca477eefed6%26uid%3D
Frame ID: DFB494D4B6A7F408BA46AC2D4E1DB41A
Requests: 1 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 55AF127C57C8EC3B428633527F7569E1
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 37FDD26645818AD4FD490B37D2E1E895
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 163EDA0DA0126FDE92BBE72CB615C95B
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=3&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 0DDCB1FFC286D13928A63C1AD7BD4542
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=994efe04-d65e-470d-805e-cbccac7770d7&session_pageview=3&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: CD74717A40C7250AC1845C366999CF15
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1652676588&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587900&bpp=4&bdt=577&idt=185&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&cookie=ID%3D476014c565d1e2f7-227bf61596cd0099%3AT%3D1652676587%3ART%3D1652676587%3AS%3DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1466241595&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=918&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531557%2C44761044%2C31067584%2C21065725&oid=2&pvsid=2971698416934096&pem=550&tmod=276848470&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.v5qe3w52d1t&fsb=1&dtd=199
Frame ID: 74D905DD1829721BF3627FEE7D4D5548
Requests: 27 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: EDF5119FA0F943251772E45123C09223
Requests: 2 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=3ab023ac29ea5990&fi=c34d5ca477eefed6&uid=35729a05fbebab732090e971c6ffcae3
Frame ID: BFBDEB28E6050E028831CC97022CA0ED
Requests: 2 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AMYyWws39%2fHFeX7f
Frame ID: B4D8AA92FD219CF9153EA2A3FAC892E8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYsJKxygEwAQ&v=APEucNWtNZl3Jw7alnyoA5bXGu5c8Wd9bjIj7gFAVJvavIC6tOo70uM4SMmnmhSdaY1qcODruVKmNQgAXwWzKRyqobPKokoXgZ6QKGmlnEmCHZ83v8sIkiE28X-kq-xvw6Nz3t4AQ-w-PjxDIO-Oo8RDswW6QgbhdrTNlqAH_iOSf7wtgBeSAAA
Frame ID: 29735272C864382F073633AA527EC895
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDFue6pAhidxsjDATAB&v=APEucNU01KZ4ReOmf3OwSy2djg6036HJFSWbG5AI8NfbaQfFfDNQKQrGj2sGIP8pYDBC76sl_C8ThUEA-xfD7KPUuCfwav4p1ndW6yUwfbhcIkj3TVtlO9LDeCB5JvwC2PuADHP1pcaYNskHXaIrQPh4Ad1rGCAk7-0MqKgSU5vJNP9a4etK8To
Frame ID: 866E734554E1CCB5749657ACC47A9EFA
Requests: 5 HTTP requests in this frame

Frame: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F8df72cd3-96af-4a19-bb21-7be5baa62b32%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg4LCJzaG93X2lkIjoiOGRmNzJjZDMtOTZhZi00YTE5LWJiMjEtN2JlNWJhYTYyYjMyIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D54ffca70dc04904b04f523f5caeea8aa&showId=8df72cd3-96af-4a19-bb21-7be5baa62b32&apuid=994efe04-d65e-470d-805e-cbccac7770d7
Frame ID: 2CD0B7ACDFCF4DD7FE6ECCC711BB7A99
Requests: 8 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522994efe04-d65e-470d-805e-cbccac7770d7%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25228df72cd3-96af-4a19-bb21-7be5baa62b32%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25228df72cd3-96af-4a19-bb21-7be5baa62b32%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: E62B448C954A4D9ABBB7402AC5923501
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522994efe04-d65e-470d-805e-cbccac7770d7%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25228df72cd3-96af-4a19-bb21-7be5baa62b32%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25228df72cd3-96af-4a19-bb21-7be5baa62b32%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: F6ABCBFD7006F2C16724E9730FB9BF5D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1D0235C63C8838DE4F10EEDD30DEDBF7
Requests: 2 HTTP requests in this frame

Frame: https://p4-glvpu23wciors-idpfrs6p3ci7rs7w-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 78F6BD75E2B772FA82763F4DD0F6AF72
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 698444BDE841162F6B8E7B0BC1490D97
Requests: 2 HTTP requests in this frame

Frame: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2Fa881dbe0-f2af-4ae0-8864-0bb07b6a57f0%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg4LCJzaG93X2lkIjoiYTg4MWRiZTAtZjJhZi00YWUwLTg4NjQtMGJiMDdiNmE1N2YwIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Dd59b5e85cf6ca97c6eb734b14d9d184a&showId=a881dbe0-f2af-4ae0-8864-0bb07b6a57f0&apuid=994efe04-d65e-470d-805e-cbccac7770d7
Frame ID: B421D484B178DF6B3EB32E2FA949CF55
Requests: 8 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522994efe04-d65e-470d-805e-cbccac7770d7%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522a881dbe0-f2af-4ae0-8864-0bb07b6a57f0%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522a881dbe0-f2af-4ae0-8864-0bb07b6a57f0%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: CA4DA5927492E523F99B3046F485AA6F
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522994efe04-d65e-470d-805e-cbccac7770d7%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522a881dbe0-f2af-4ae0-8864-0bb07b6a57f0%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522a881dbe0-f2af-4ae0-8864-0bb07b6a57f0%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: C3163814FE4609A3038FBEFF12FC71D6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 074D3385CDEC43278479E5EFD26BC8F6
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 454FE0AEE61FA946612A8B50649D8013
Requests: 9 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: 23FEC72AEBFEFAF6D6C8219BE1B50E1F
Requests: 11 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: E5FBDD1478AC66BE0F215E1B11B36755
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 07B87E322136F6997367D453A876FFF9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 82F4B4CCBE2EDB8015DC564A6268E1EB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5E34BE478D751B14044B06FEC00BABBD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 40FBD94E0F21E70F1E85C1AF8BD2AFFB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 562410E1FE95352DBDDC12FD01EA9228
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 862553124BAA9BD59D20A63CA0A63E8F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 318E49B7E19D1ADCF851915D896A2388
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3689830131456613378/200x200.html
Frame ID: D8B6ACC66FC2631692D5A39A6D83F138
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=250&slotname=adpartner_zdorovia.com.ua_970x250_ruslan&adk=865826939&adf=4155820291&pi=t.ma~as.adpartner_zdorovia._&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676588592&bpp=13&bdt=219&idt=329&shv=r20220511&mjsv=m202205100101&ptt=5&saldr=sa&correlator=6069189452853&frm=8&ife=1&pv=2&ga_vid=1967338439.1652676589&ga_sid=1652676589&ga_hid=1940710560&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2416082253&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067545%2C31060048%2C31067419%2C31067526&oid=2&pvsid=2145194115485608&pem=84&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.zpnfrotd5ip&fsb=1&dtd=346
Frame ID: 625593A540A03007C20EF40689FC3650
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhD3qGIYvbW8xwEwAQ&v=APEucNV7EpRTzypyz4V6latyt4PBWY-14wV0c-M8uycMfrK3mvDsQZQYPJ_MG_Ga85ng9h0nlqhMlE6jhbsrEHwpOkaWi1xh9Vola3AtKGzgHS0sp7PWZHpDrGnLiHR1Tt1POZmaWrl_LNUgLgbNJTbGnDyHJ3eaQ3SqX9HdjO2KgO-2KDPbdKU
Frame ID: B8F08035DC7DFEECF8132C99017B0E50
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=250&slotname=adpartner_zdorovia.com.ua_970x250_ruslan&adk=865826939&adf=4155823868&pi=t.ma~as.adpartner_zdorovia._&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676588981&bpp=11&bdt=367&idt=214&shv=r20220511&mjsv=m202205100101&ptt=5&saldr=sa&correlator=1526208605054&frm=8&ife=1&pv=2&ga_vid=162590607.1652676589&ga_sid=1652676589&ga_hid=248752447&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=920401899&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=466452259210995&pem=84&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.h88f9thdmzw9&fsb=1&dtd=227
Frame ID: 68A5740E6F3BD0D48A770A04D1812D0B
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Frame ID: 257D2A10A79F6C3FC254BA8A4377D03D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Frame ID: D7ECC44E134746B5150B92976C86ECDE
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: B3F88BF76D92BEA66146125BAE2B4DE2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMYirSayQEwAQ&v=APEucNW7WMUoLnAQqTLl9vj8OLPJxIcPdeC2sKZ9cnlYKlGX7Rf3TxnCUm9JejLijj_pF_cIqkmTuTuDP_g_HKM0934TJqRU7A
Frame ID: FAB5AAF21C02EEB5ABDA204479B27186
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C116CF9B854CBA3910B4871B67051757
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/6527551/1651227802756/index.html
Frame ID: 897642E905E76B40DC0E5BAF2D51EFB7
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 65F9F922144DCB89E17C2B956AB6D231
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F7461FB756A17526342A23C8EDAE738C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AD54BC8B7F73BC2107860F6BFADB7E5D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E547F3C513A84E469832FC7E2F40417F
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMYirSayQEwAQ&v=APEucNXPbMbBSsR0zkCQ-TFq5BX3u2E9TQHsaSVAd3o5nBK29W-Py1J4PGOZIgst4KYQ1NzZwD80EleBQbdu_Td2li6kd1EXAQ
Frame ID: 7BE66CA511AE2E737CC5EAAFBFFA7374
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/8299540/1646069414603/index.html
Frame ID: 9C41094BDD5EC6076E22EB3FA3043210
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=kJMv5TZXwj&t=1&renderingType=2&ev=01_247
Frame ID: 9F06D21E2BB80D383E29BDB50B29DBF1
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 409DDFC2B980CBA20DB12858178FC032
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: E42CF705BD91F3D0B6E8F1B485843A73
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 94F98385F75F69A9B048D87FC0CA09DE
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=dBmcLVCp8x&t=1&renderingType=2&ev=01_247
Frame ID: E7570C78A83EE6CA4FA7082F5FB5BDB6
Requests: 12 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=15238/rand=347365437/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20zdorovia.com.ua/rt=ifr
Frame ID: 15097FF51EAE72DCAA818612AF616123
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 49E2FAC32B340A842CB006B6C8A83E8D
Requests: 3 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 9679472A4FE522C9FC11DBAACF8A1403
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: F42C1584D5ACFE9D72F9E90850926544
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:32C6ECA5D3B440279FE124B47F93ECDB
Frame ID: 0F032A2D97A3FFD1D8432F7648EC0CF9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:wOorq53C1NQsG25&gdpr=0&gdpr_consent=
Frame ID: B59BEB750E60E8B5BD023FA37A2D7D3E
Requests: 1 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=c34d5ca477eefed6&uid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7
Frame ID: 2AFA3785E239E11DF8BC143F2AC75D9F
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=15238/rand=393879950/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.adtelligent.com/rt=ifr
Frame ID: A01921023F83DC8B13DE0F3E2A6680D4
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7
Frame ID: 408C3B24A49683DB2FED706528012EE6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EEE73B287D393B094F644B8A4155E860
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6EFDEB040DF8576502E35795834BD0E8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Frame ID: 55ABAB5EA8B305C73FB4D10AAC9DDA94
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C3160B4CE47A6CF7DE5B125AB7376A51
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 403213A952D22806D1BE91E11A8BD9B7
Requests: 2 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=c34d5ca477eefed6&uid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7
Frame ID: D035AB13A83A479D1846616CDDD41705
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Frame ID: 930ECDAB76873BFDF80E63FB8D097D1E
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=15238/rand=512117809/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20zdorovia.com.ua/rt=ifr
Frame ID: 37ECB5474459630251B6995B8FC1AA68
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=zdorovia.com.ua
Frame ID: BB8EEAF9EC93B25296DE94C25540D322
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=10&apuid=994efe04-d65e-470d-805e-cbccac7770d7&session_pageview=1&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Frame ID: BD588AD9EFFEFFFFE819D126BC503EC5
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=10&apuid=994efe04-d65e-470d-805e-cbccac7770d7&session_pageview=2&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 2335A1749E72EFBA7562A75DD0A68855
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=10&apuid=994efe04-d65e-470d-805e-cbccac7770d7&session_pageview=3&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 8A0F53FE78D483F67FF90E181876B6C6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Новини здоров'я, лікування та здорового харчування та очищення

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

704
Requests

75 %
HTTPS

23 %
IPv6

115
Domains

175
Subdomains

117
IPs

22
Countries

6224 kB
Transfer

13327 kB
Size

177
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57
  • http://a4p.adpartner.pro/branding?id=1550&0.5118770847774199 HTTP 301
  • https://a4p.adpartner.pro/branding?id=1550&0.5118770847774199
Request Chain 58
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 59
  • http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.7381198854657676 HTTP 302
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.7381198854657676 HTTP 302
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.7381198854657676
Request Chain 66
  • http://c.bigmir.net/?v16918126&s16916513&t1&c1&n988254&w0&y0&d24&r1600 HTTP 302
  • http://i.bigmir.net/cnt/01.png
Request Chain 70
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2043399343&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%27%D1%8F%2C%20%D0%BB%D1%96%D0%BA%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%85%D0%B0%D1%80%D1%87%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%BE%D1%87%D0%B8%D1%89%D0%B5%D0%BD%D0%BD%D1%8F&utmhid=704948251&utmr=-&utmp=%2F&utmht=1652676586229&utmac=UA-37123827-1&utmcc=__utma%3D148597372.295295263.1652676586.1652676586.1652676586.1%3B%2B__utmz%3D148597372.1652676586.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=69086822&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2043399343&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%27%D1%8F%2C%20%D0%BB%D1%96%D0%BA%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%85%D0%B0%D1%80%D1%87%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%BE%D1%87%D0%B8%D1%89%D0%B5%D0%BD%D0%BD%D1%8F&utmhid=704948251&utmr=-&utmp=%2F&utmht=1652676586229&utmac=UA-37123827-1&utmcc=__utma%3D148597372.295295263.1652676586.1652676586.1652676586.1%3B%2B__utmz%3D148597372.1652676586.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=69086822&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37123827-1&cid=295295263.1652676586&jid=69086822&_v=5.7.2&z=2043399343 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=295295263.1652676586&jid=69086822&_v=5.7.2&z=2043399343 HTTP 302
  • https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=295295263.1652676586&jid=69086822&_v=5.7.2&z=2043399343&slf_rd=1&random=1177096040
Request Chain 91
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=994efe04-d65e-470d-805e-cbccac7770d7
Request Chain 94
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D6deaa01ea694467c91fb456d0d463654 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D6deaa01ea694467c91fb456d0d463654&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTJBMjdDRTItNkVFRC00MEM2LUEwMkMtRTg3N0Y3Mzg2RTU1&gdpr=0&gdpr_consent=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTJBMjdDRTItNkVFRC00MEM2LUEwMkMtRTg3N0Y3Mzg2RTU1&gdpr=0&gdpr_consent=0&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=0
Request Chain 95
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3D6deaa01ea694467c91fb456d0d463654 HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=9c74822b-d4d3-11ec-87e6-801844df107c HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=lemma&user_id=9c74822b-d4d3-11ec-87e6-801844df107c HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=43a463dd-7420-4b16-b08f-8612740af562&ssp=lemma&gdpr=&gdpr_consent=
Request Chain 96
  • https://ups.analytics.yahoo.com/ups/58613/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-ehqWdJlE2uFMrz3BNTXRCfDvM.kO8hRpe6JXVCg-~A
Request Chain 97
  • https://creativecdn.com/cm-notify?pi=admixer HTTP 302
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
Request Chain 98
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YoHX6pnKchycMLvXJupRmwAAAogAAAIB
Request Chain 99
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=6deaa01ea694467c91fb456d0d463654 HTTP 307
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=6deaa01ea694467c91fb456d0d463654
Request Chain 100
  • https://adx.adform.net/adx/?rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_110554&url=http%3A%2F%2Fzdorovia.com.ua%2F HTTP 302
  • https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_110554&url=http%3A%2F%2Fzdorovia.com.ua%2F
Request Chain 103
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Request Chain 104
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=6deaa01ea694467c91fb456d0d463654&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=6deaa01ea694467c91fb456d0d463654&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=admixer&bsw_user_id=43a463dd-7420-4b16-b08f-8612740af562 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admixer&bsw_user_id=43a463dd-7420-4b16-b08f-8612740af562 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=0d1d89df-1b6e-4182-8ccb-d1e0a5838ade&ssp=admixer HTTP 302
  • https://inv-nets.admixer.net/bs/cm.aspx?id=43a463dd-7420-4b16-b08f-8612740af562&gdpr=&consent=&gdpr_pd=
Request Chain 108
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=6deaa01ea694467c91fb456d0d463654 HTTP 302
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZE35EAFBCF01481CBD0CEAA00EDBB92B&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=6deaa01ea694467c91fb456d0d463654
Request Chain 110
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=15a7c0d5-d557-5288-97b1-c8b0f5301f5b
Request Chain 115
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D269f09d876621f44 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 116
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D269f09d876621f44%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu-ams02.e-planning.net%252Fum%253Fdc%253D8103fa85295fbe60%2526fi%253D269f09d876621f44%2526uid%253D%2524UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=269f09d876621f44&uid=4344810612192819393
Request Chain 117
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 126
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434 HTTP 301
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Request Chain 136
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2c63042-dfd9-4aab-694e-7d71b699d6b5%26reqId%3Dfa7a6c82-85a4-46b4-4841-4689e7df0afe%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2c63042-dfd9-4aab-694e-7d71b699d6b5%26reqId%3Dfa7a6c82-85a4-46b4-4841-4689e7df0afe%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=78502984-e40b-4c8b-bf25-8df5f64abece&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Request Chain 141
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2c63042-dfd9-4aab-694e-7d71b699d6b5%26reqId%3Dfa7a6c82-85a4-46b4-4841-4689e7df0afe%26zdid%3D1361 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2c63042-dfd9-4aab-694e-7d71b699d6b5%26reqId%3Dfa7a6c82-85a4-46b4-4841-4689e7df0afe%26zdid%3D1361&rdf=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Request Chain 142
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=85266d42-bcbc-4dc9-a673-ad4ca28d15a6&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 143
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=a2c63042-dfd9-4aab-694e-7d71b699d6b5&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2c63042-dfd9-4aab-694e-7d71b699d6b5%26reqId%3Dfa7a6c82-85a4-46b4-4841-4689e7df0afe%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=a2c63042-dfd9-4aab-694e-7d71b699d6b5&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2c63042-dfd9-4aab-694e-7d71b699d6b5%26reqId%3Dfa7a6c82-85a4-46b4-4841-4689e7df0afe%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=58190441442167557482990353383370800544&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Request Chain 145
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2c63042-dfd9-4aab-694e-7d71b699d6b5%26reqId%3Dfa7a6c82-85a4-46b4-4841-4689e7df0afe%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7098191892038285455&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Request Chain 147
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a2c63042-dfd9-4aab-694e-7d71b699d6b5&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2c63042-dfd9-4aab-694e-7d71b699d6b5%26reqId%3Dfa7a6c82-85a4-46b4-4841-4689e7df0afe%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a2c63042-dfd9-4aab-694e-7d71b699d6b5&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2c63042-dfd9-4aab-694e-7d71b699d6b5%26reqId%3Dfa7a6c82-85a4-46b4-4841-4689e7df0afe%26zdid%3D1361&bounce=1&random=1125348417 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=TCYYRx1RpDpmIv1KU0wJRu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Request Chain 148
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2c63042-dfd9-4aab-694e-7d71b699d6b5%26reqId%3Dfa7a6c82-85a4-46b4-4841-4689e7df0afe%26zdid%3D1361 HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361&cklb=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=
Request Chain 149
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=a2c63042-dfd9-4aab-694e-7d71b699d6b5?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=a2c63042-dfd9-4aab-694e-7d71b699d6b5?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Request Chain 150
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-qH1d9FBE2op01s20WxHL0rTw148eNMcKdg--~A&zpartnerid=570&env=mWeb
Request Chain 151
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=VRZLMa%2FBDW%2FM3KKx5GrGk5OUZ7wmxT2r%2BS41iYitP1U%3D
Request Chain 155
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2c63042-dfd9-4aab-694e-7d71b699d6b5%26reqId%3Dfa7a6c82-85a4-46b4-4841-4689e7df0afe%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2c63042-dfd9-4aab-694e-7d71b699d6b5%26reqId%3Dfa7a6c82-85a4-46b4-4841-4689e7df0afe%26zdid%3D1361&_test=YoHX6wABp-nfHwAj HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YoHX6wABp-nfHwAj&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361&_test=YoHX6wABp-nfHwAj
Request Chain 157
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Request Chain 158
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a2c63042-dfd9-4aab-694e-7d71b699d6b5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a2c63042-dfd9-4aab-694e-7d71b699d6b5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361&dcc=t
Request Chain 160
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2c63042-dfd9-4aab-694e-7d71b699d6b5%26reqId%3Dfa7a6c82-85a4-46b4-4841-4689e7df0afe%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Request Chain 165
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=c6bafb1f-6ba7-4d43-9af3-13d6ddfda193
Request Chain 169
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=0f76f5df-ad5f-46e1-905b-5dfbe1e5cfbd
Request Chain 170
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=9201dab5-98f6-4793-bc3a-68fbaa8dc6b7
Request Chain 172
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4344810612192819393
Request Chain 173
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=994efe04-d65e-470d-805e-cbccac7770d7
Request Chain 174
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=6deaa01ea694467c91fb456d0d463654
Request Chain 185
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Dc34d5ca477eefed6 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 186
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dc34d5ca477eefed6%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=c34d5ca477eefed6&uid=4344810612192819393
Request Chain 189
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 195
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 196
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=4344810612192819393
Request Chain 198
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=
Request Chain 199
  • https://b1h-apac1.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D509691%26extuid%3D__ZUID__%20 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=509691&extuid=&gdpr=0
Request Chain 200
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YoHX6pnKchycMLvXJupRmwAA%26648
Request Chain 217
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2c63042-dfd9-4aab-694e-7d71b699d6b5%26reqId%3D35729483-939f-415c-5d79-a5304834252e%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=35729483-939f-415c-5d79-a5304834252e&zdid=1361
Request Chain 235
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=2SXOMgqSDrAZrWTYIox1&pi=admatic
Request Chain 237
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=8624539296363438648
Request Chain 242
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434 HTTP 301
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Request Chain 252
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:feab6281-d7ec-4a00-aa6a-45a1ef2c8ea1&gdpr=0&gdpr_consent=
Request Chain 253
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1554987726123330793 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 255
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7098191892038285455 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11576&id=6deaa01ea694467c91fb456d0d463654
Request Chain 256
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YoHX6wABrEVSHgAo HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YoHX6wABrEVSHgAo&gdpr=0&gdpr_consent=&_test=YoHX6wABrEVSHgAo HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11576&id=6deaa01ea694467c91fb456d0d463654
Request Chain 257
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=idbKvXuaRzxiSGziTQlrMtmKxGk HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 258
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCWnRrN0ZBN0FBQUVXaHo3aGhRZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 259
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 262
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 264
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=0803d8f2898b2608/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D39puKE4JaSaYQSMXSRShXUaS HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D39puKE4JaSaYQSMXSRShXUaS HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaSaYQSMXSRShXUaS HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 265
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=9eecce3d-9882-4979-9567-12ddfa01473d-tuct97b5d6b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 266
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1652676587754 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3384703968
Request Chain 268
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qKtskJmaT-O37_u-q_Kq1w%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 269
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a9356281-d7ec-4400-bbc8-84d07d67853e
Request Chain 270
  • https://pixel.onaudience.com/?partner=214&mapped=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 271
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QThBQjZDOTAtOTk5QS00RkUzLUI3RUYtRkJCRUFCRjJBQUQ3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 272
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDLexWjta8F_pdVXpcUgzkk&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 274
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8624539296363438648 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11576&id=6deaa01ea694467c91fb456d0d463654
Request Chain 276
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4344810612192819393&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 277
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=WRx_twsZIuRCTXeyDkpqvlgYdb9CS3C3CU_OZZwx HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 279
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Eyh2GkZE2uUyVCA6Aa03TBRv2D1B14Y-~A&gdpr=0&gdpr_consent=
Request Chain 280
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&ssp_uuid=43a463dd-7420-4b16-b08f-8612740af562 HTTP 302
  • https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&ssp_uuid=43a463dd-7420-4b16-b08f-8612740af562 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=pubmatic&user_id=9243fe59-2884-45db-aabf-416254d432c0 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=43a463dd-7420-4b16-b08f-8612740af562&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 281
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:afbc047e-c000-47c9-b15b-740c22b29d03&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11576&id=6deaa01ea694467c91fb456d0d463654
Request Chain 282
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4563681998453056354&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11576&id=6deaa01ea694467c91fb456d0d463654
Request Chain 284
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4344810612192819393
Request Chain 299
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Dc34d5ca477eefed6 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 300
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dc34d5ca477eefed6%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=c34d5ca477eefed6&uid=4344810612192819393
Request Chain 309
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 316
  • https://ih.adscale.de/uu?cbfn=receive&t=1652676587 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1652676587&nut&uu=379404069fe0475bb5057bd64d385829
Request Chain 327
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2c63042-dfd9-4aab-694e-7d71b699d6b5%26reqId%3D51971239-de04-47a8-42bb-9c4ac716d5a1%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=51971239-de04-47a8-42bb-9c4ac716d5a1&zdid=1361
Request Chain 334
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8624539296363438648 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=3lgGzTh9LMoTqeLEeOjAAfUzw&gdpr=0&gdpr_consent=
Request Chain 336
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3lgGzTh9LMoTqeLEeOjAAfUzw&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3lgGzTh9LMoTqeLEeOjAAfUzw&gdpr=0&gdpr_consent=&google_gid=CAESEPgRzG0uQqZtaLRezPkhtN4&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 385
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPuNOzefaCb38IAiK0knlko&google_cver=1
Request Chain 386
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YoHX6pnKchycMLvXJupRmwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPuNOzefaCb38IAiK0knlko&google_cver=1
Request Chain 387
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEII4EUkVoaLiH13ajkTppl0&google_cver=1
Request Chain 388
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM0NDgxMDYxMjE5MjgxOTM5Mw%3D%3D
Request Chain 389
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEI0xeRCYCoceAk6tIKfCdss&google_cver=1
Request Chain 391
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESECQoqrXdX4-0m4D6AJD2L6c&google_cver=1
Request Chain 407
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 410
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/970282/61278885/dcm/dcmads.js?adsafe_url=http%3A%2F%2Fzdorovia.com.ua&adsafe_type=g&adsafe_url=http%3A%2F%2Fzdorovia.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4577254435597104%26output%3Dhtml%26h%3D90%26slotname%3D7553037928%26adk%3D3481491427%26adf%3D2751417938%26pi%3Dt.ma~as.7553037928%26w%3D728%26lmt%3D1652676587%26psa%3D0%26format%3D728x90%26url%3Dhttp%253A%252F%252Fzdorovia.com.ua%252F%26ea%3D0%26wgl%3D1%26dt%3D1652676587455%26bpp%3D3%26bdt%3D362%26idt%3D306%26shv%3Dr20220511%26mjsv%3Dm202205100101%26ptt%3D9%26saldr%3Daa%26correlator%3D463723020067%26frm%3D23%26ife%3D5%26pv%3D2%26ga_vid%3D295295263.1652676586%26ga_sid%3D1652676586%26ga_hid%3D1707449053%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D542%26ady%3D61%26biw%3D1600%26bih%3D1200%26isw%3D728%26ish%3D90%26ifk%3D3879291087%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44763505%252C44763827%26oid%3D2%26pvsid%3D2606551401218276%26pem%3D550%26tmod%3D1162872940%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D23%26ifi%3D1%26uci%3D1.fsvk4qls0hti%26fsb%3D1%26dtd%3D323&adsafe_type=d&adsafe_jsinfo=,id:cf241038-dfaa-c8fb-fbbb-3077749aa256,c:cKxUOq,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-58499bf7cc-mqr6r,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:3,fm:t5YaxA0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c21%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2*.970282-61278885%7C1g21%7C1g22%7C1h11%7C1h12%7C1i1%7C1i2%7C1i3%7C1i4%7C1i5%7C1j1%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1g2*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:35,oid:9d4b055f-d4d3-11ec-8f6d-6a1f7705d7c7,v:19.8.309,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://www.googletagservices.com/dcm/dcmads.js
Request Chain 412
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3lgGzTh9LMoTqeLEeOjAAfUzw&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3lgGzTh9LMoTqeLEeOjAAfUzw&gdpr=0&gdpr_consent=&google_gid=CAESEPgRzG0uQqZtaLRezPkhtN4&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 414
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8624539296363438648 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=3lgGzTh9LMoTqeLEeOjAAfUzw&gdpr=0&gdpr_consent=
Request Chain 430
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 439
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENhZHFvJ5AwRjFL-74npNVw&google_cver=1&google_push=AYg5qPJZ6P4BKFrkXiWp9U3umH1cLDLmHwJwoXxmHk-54hEXwzd4yoLAwq4hH8jubr4GNPKbiAh4hx6pFMKHyMED0cJCR0OB0GV1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJZ6P4BKFrkXiWp9U3umH1cLDLmHwJwoXxmHk-54hEXwzd4yoLAwq4hH8jubr4GNPKbiAh4hx6pFMKHyMED0cJCR0OB0GV1&google_hm=YLErkZqdm2hEB0cVdZBUag
Request Chain 440
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLbCjVDbvtn6rHhah2LsYqlLSiPtODl3sFOZd60eN22ZPnnpzeBwwLHNWXRvmQhGsDV-9z9lBSfsnfODw3Fx4wBut9YLs2u&google_gid=CAESEKHtaX2Fi5dMAo3t-yCWqjU&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLbCjVDbvtn6rHhah2LsYqlLSiPtODl3sFOZd60eN22ZPnnpzeBwwLHNWXRvmQhGsDV-9z9lBSfsnfODw3Fx4wBut9YLs2u&google_gid=CAESEKHtaX2Fi5dMAo3t-yCWqjU&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MTYwNDQ5NDkwMDAxNDE4MjE5OTY3NQ%3D%3D&google_push=AYg5qPLbCjVDbvtn6rHhah2LsYqlLSiPtODl3sFOZd60eN22ZPnnpzeBwwLHNWXRvmQhGsDV-9z9lBSfsnfODw3Fx4wBut9YLs2u
Request Chain 443
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECcHhYjfXYfwdJ0WDaqELkE&google_cver=1&google_push=AYg5qPLWn14yaKofUThLG_HTtEVGh4bbD2JfXXLPPPiLm065gDuTkDSoUkOBAtkoxAm-fy4WIHr0kTKGU5tAkjY9jXvduWnlFKnu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qKtskJmaT-O37_u-q_Kq1w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLWn14yaKofUThLG_HTtEVGh4bbD2JfXXLPPPiLm065gDuTkDSoUkOBAtkoxAm-fy4WIHr0kTKGU5tAkjY9jXvduWnlFKnu
Request Chain 444
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBNcpCb-7WYvq3w24Zm6zzI&google_cver=1&google_push=AYg5qPKwwu31FFk4N-N4GzlwzZ-uid0v5zzqLWAiDrK3AKlQ4A_PtE4C56ERwU-4C0E0FEvVo45DjWkwC92C5EzbplW7XCKrzD-U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM4OFlYRTAtMTEtSkUyWg==&google_push=AYg5qPKwwu31FFk4N-N4GzlwzZ-uid0v5zzqLWAiDrK3AKlQ4A_PtE4C56ERwU-4C0E0FEvVo45DjWkwC92C5EzbplW7XCKrzD-U
Request Chain 445
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDPEQ6NPVGW4SsGRdLBBvzc&google_cver=1&google_push=AYg5qPJKn7gqAKo7656CsEhxVTy-7IFfVpFOG9DHDzl2yYgCcNnlutGlzcXSXhv5obhWDnznFaj-17o2qtLC2mEjcMZ1szzgu_wM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoHX6pnKchycMLvXJupRmwAAAogAAAIB&google_gid=CAESEDPEQ6NPVGW4SsGRdLBBvzc&google_push=AYg5qPJKn7gqAKo7656CsEhxVTy-7IFfVpFOG9DHDzl2yYgCcNnlutGlzcXSXhv5obhWDnznFaj-17o2qtLC2mEjcMZ1szzgu_wM&google_cver=1
Request Chain 455
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=379404069fe0475bb5057bd64d385829&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4080401b05044679bd7712338bc313b8%2F1652676588582%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/4080401b05044679bd7712338bc313b8/1652676588582/0/img?tpid=101&tpuid=BBID-01-03273905892376002-16604280
Request Chain 458
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEKvNZYExUTL2nixDmAAE88A&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEKvNZYExUTL2nixDmAAE88A&google_cver=1&__user_check__=1&sync_id=9de0055b-d4d3-11ec-987b-125b01370106
Request Chain 459
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=9dd919c1-d4d3-11ec-889d-1d21b9eb0206 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OWRlMDA1MjQtZDRkMy0xMWVjLTk4N2ItMTI1YjAxMzcwMTA2
Request Chain 460
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEJQK4g8g4ojh56ltj-anbQo&_origin=1&google_cver=1 HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEJQK4g8g4ojh56ltj-anbQo&_origin=1&google_cver=1&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJQK4g8g4ojh56ltj-anbQo&_origin=1&google_cver=1&apid=UP9dd431c4-d4d3-11ec-b16c-02080fde3794
Request Chain 461
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP9dd431c4-d4d3-11ec-b16c-02080fde3794 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA5ZGQ0MzFjNC1kNGQzLTExZWMtYjE2Yy0wMjA4MGZkZTM3OTQ%3D
Request Chain 488
  • https://fw.adsafeprotected.com/rfw/st/1002713/62059190/4.js?ias_dspID=3&ias_campId=1007072335&ias_pubId=pub-4577254435597104&ias_chanId=1&ias_placementId=17069351463&bidurl=http://zdorovia.com.ua/&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0gltTLG2R4b6BLAqiIq6jWx&adContainerId=brand_safety_7deBYqTSAejD7_UP9-mnsAw&cbFunctionName=goog_wrapCb_7deBYqTSAejD7_UP9-mnsAw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=http%3A%2F%2Fzdorovia.com.ua&adsafe_type=g&adsafe_url=http%3A%2F%2Fzdorovia.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4577254435597104%26output%3Dhtml%26h%3D250%26slotname%3D6208660382%26adk%3D2159672584%26adf%3D2751417949%26pi%3Dt.ma~as.6208660382%26w%3D300%26lmt%3D1652676588%26psa%3D0%26format%3D300x250%26url%3Dhttp%253A%252F%252Fzdorovia.com.ua%252F%26ea%3D0%26wgl%3D1%26dt%3D1652676587900%26bpp%3D4%26bdt%3D577%26idt%3D185%26shv%3Dr20220511%26mjsv%3Dm202205110101%26ptt%3D9%26saldr%3Daa%26cookie%3DID%253D476014c565d1e2f7-227bf61596cd0099%253AT%253D1652676587%253ART%253D1652676587%253AS%253DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ%26correlator%3D463723020067%26frm%3D23%26ife%3D5%26pv%3D1%26ga_vid%3D295295263.1652676586%26ga_sid%3D1652676586%26ga_hid%3D1466241595%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D970%26ady%3D918%26biw%3D1600%26bih%3D1200%26isw%3D300%26ish%3D250%26ifk%3D1564989781%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759842%252C42531557%252C44761044%252C31067584%252C21065725%26oid%3D2%26pvsid%3D2971698416934096%26pem%3D550%26tmod%3D276848470%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C300%252C250%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D23%26ifi%3D1%26uci%3D1.v5qe3w52d1t%26fsb%3D1%26dtd%3D199&adsafe_type=d&adsafe_jsinfo=,id:49966df8-6f11-3c62-a522-8ba0e153234e,c:cKxUYS,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-58499bf7cc-crmt7,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.0,am:sp,cc:0.0.300.0,piv:0,obst:0,th:0,reas:r.h,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:2,fm:t5YaxKw+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c13%7C1c21%7C1c22%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g21%7C1g221%7C1g23%7C1g3%7C1g4%7C1h11%7C1h12%7C1h131%7C1h14%7C1h2%7C1h3%7C1i1%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1*.1002713-62059190%7C1j11%7C1j2%7C1j3%7C1k%7C1l%7C1m1%7C1m2%7C1m31%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1j1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:31,oid:9dbf7152-d4d3-11ec-9052-86e68cdad9d2,v:19.8.309,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js
Request Chain 498
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3lgGzTh9LMoTqeLEeOjAAfUzw&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3lgGzTh9LMoTqeLEeOjAAfUzw&gdpr=0&gdpr_consent=&google_gid=CAESEPgRzG0uQqZtaLRezPkhtN4&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 499
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8624539296363438648 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=3lgGzTh9LMoTqeLEeOjAAfUzw&gdpr=0&gdpr_consent=
Request Chain 505
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=01e7b9bea623d048747be6e8efa80d7e753cdf5e14ef3409363ed9ce1a121b72&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4080401b05044679bd7712338bc313b8%2F1652676588582%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YoHX6pnKchycMLvXJupRmwAA%26648
Request Chain 538
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENhZHFvJ5AwRjFL-74npNVw&google_cver=1&google_push=AYg5qPLnVJa_pl0zleXlpshEtk0w7DRzkAL0RamzVn44MwJ8HOejdeQRl7qTrf47LO8T0PI5EJqJJoeKjjwVGblfaLU-FjGx-Y3g HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLnVJa_pl0zleXlpshEtk0w7DRzkAL0RamzVn44MwJ8HOejdeQRl7qTrf47LO8T0PI5EJqJJoeKjjwVGblfaLU-FjGx-Y3g&google_hm=YLErkZqdm2hEB0cVdZBUag
Request Chain 541
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECcHhYjfXYfwdJ0WDaqELkE&google_cver=1&google_push=AYg5qPJOPb98SN2RIVFZtzaAjSAZgh9i_XZsda1Pxyo96k1aBL-C7nroEAmW3piOpz8BK4A2oTLvUYxxoW-yz4QXusv5xHuiP8xd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qKtskJmaT-O37_u-q_Kq1w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJOPb98SN2RIVFZtzaAjSAZgh9i_XZsda1Pxyo96k1aBL-C7nroEAmW3piOpz8BK4A2oTLvUYxxoW-yz4QXusv5xHuiP8xd
Request Chain 542
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBNcpCb-7WYvq3w24Zm6zzI&google_cver=1&google_push=AYg5qPI58dWuqltwydHGG2gZ6W3jpA6Ko1TOk11Fjb8kEsxUR6HEBDr1vDHNkXNdwL9SW9-GRnjORtqlFRXrQHumISneNNepqCq4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM4OFlZNDMtMjQtR1FPVA==&google_push=AYg5qPI58dWuqltwydHGG2gZ6W3jpA6Ko1TOk11Fjb8kEsxUR6HEBDr1vDHNkXNdwL9SW9-GRnjORtqlFRXrQHumISneNNepqCq4
Request Chain 543
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDPEQ6NPVGW4SsGRdLBBvzc&google_cver=1&google_push=AYg5qPIvFkEl7t8W30JzQxYOAdZKprrAWncYRUMZ1-WyAqpT4NoNrPPvpBDrtZaQ5zlxiuZTrdfdfIP1td8K2GkV5XfDEh4BK-bv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoHX6pnKchycMLvXJupRmwAAAogAAAIB&google_cver=1&google_push=AYg5qPIvFkEl7t8W30JzQxYOAdZKprrAWncYRUMZ1-WyAqpT4NoNrPPvpBDrtZaQ5zlxiuZTrdfdfIP1td8K2GkV5XfDEh4BK-bv&google_gid=CAESEDPEQ6NPVGW4SsGRdLBBvzc
Request Chain 561
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENhZHFvJ5AwRjFL-74npNVw&google_cver=1&google_push=AYg5qPIK9VUnUEv7kudf0PqX3a1fm0ekSD5WJiYlHoE-aATKMkWEnvDVTa-iGZTVpPKtg-chOFv9SbCwDw5arXapYtGOStnepMY9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIK9VUnUEv7kudf0PqX3a1fm0ekSD5WJiYlHoE-aATKMkWEnvDVTa-iGZTVpPKtg-chOFv9SbCwDw5arXapYtGOStnepMY9&google_hm=YLErkZqdm2hEB0cVdZBUag
Request Chain 562
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKPsj1C7Fh-uz6leAYzdmfU6JLz9xItofou0-sHTYj1Wfy4JxR8XfPU33sZOE34HArU_6GY8C1t2yfG-NrYatukaWcJwXd4mA&google_gid=CAESECMQHgTq-GqPpH0Quipar4k&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCO6vh5QGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BWWc1cVBLUHNqMUM3RmgtdXo2bGVBWXpkbWZVNkpMejl4SXRvZm91MC1zSFRZajFXZnk0SnhSOFhmUFUzM3NaT0UzNEhBclVfNkdZOEMxdDJ5ZkctTnJZYXR1a2FXY0p3WGQ0bUE HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdmpmbTU1cFRMN0Uwd2xRbDZid1hwLWRsU3hRajQ1MzZXS3NlSEk0dGxlcw==&google_push
Request Chain 564
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECcHhYjfXYfwdJ0WDaqELkE&google_cver=1&google_push=AYg5qPIPBgSErCGxjV4LoJFqJbrdVe862OPiqfB6Jk6LdRCX1-e-FxwhLMra2l3idqZQOdqZhW5DA-tcHykfzwbUfdwO-wkCFpKvkg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qKtskJmaT-O37_u-q_Kq1w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIPBgSErCGxjV4LoJFqJbrdVe862OPiqfB6Jk6LdRCX1-e-FxwhLMra2l3idqZQOdqZhW5DA-tcHykfzwbUfdwO-wkCFpKvkg
Request Chain 565
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBNcpCb-7WYvq3w24Zm6zzI&google_cver=1&google_push=AYg5qPIfJhp8WdBcIZfc7WNRatj5SEgKrwAzTNN2Cbz3rSOoi5MnVaMAgDUit-9-OI7UVg53GrHq41xt8qFl3zFg5gIuUuAFBWEKrw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM4OFlZQVgtMjgtMkRJVQ==&google_push=AYg5qPIfJhp8WdBcIZfc7WNRatj5SEgKrwAzTNN2Cbz3rSOoi5MnVaMAgDUit-9-OI7UVg53GrHq41xt8qFl3zFg5gIuUuAFBWEKrw
Request Chain 566
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDPEQ6NPVGW4SsGRdLBBvzc&google_cver=1&google_push=AYg5qPLPw3nSSrjPe_lA8uIn4EupV6zDIDULyfO7o1D9hhWC-lun9088Hg1VQZGBbqdoIqfx9wkETlKGpH90yUst0_ITyicd1fvrFQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoHX6pnKchycMLvXJupRmwAAAogAAAIB&google_gid=CAESEDPEQ6NPVGW4SsGRdLBBvzc&google_push=AYg5qPLPw3nSSrjPe_lA8uIn4EupV6zDIDULyfO7o1D9hhWC-lun9088Hg1VQZGBbqdoIqfx9wkETlKGpH90yUst0_ITyicd1fvrFQ&google_cver=1
Request Chain 588
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=6c2f3c46125e595fd7c8a2fb37ebd536f43456ee85a11567164b42d0567eb0bb&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4080401b05044679bd7712338bc313b8%2F1652676588582%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=a9356281-d7ec-4400-bbc8-84d07d67853e&gdpr=0&gdpr_consent=
Request Chain 616
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:32C6ECA5D3B440279FE124B47F93ECDB
Request Chain 617
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:wOorq53C1NQsG25&gdpr=0&gdpr_consent=
Request Chain 619
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7&addseg=11,34,40
Request Chain 620
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 622
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7 HTTP 302
  • https://a.audrte.com/p
Request Chain 624
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9eda09f3-d4d3-11ec-8d6c-0bf2ab20b56d&gdpr=0&gdpr_consent=
Request Chain 629
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7
Request Chain 636
  • https://track.adform.net/serving/cookie/match/?party=9&uid=4adedacbfe197eb582995ce357ca9aeb676bb9b7d674ac33df917349fbf92570&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4080401b05044679bd7712338bc313b8%2F1652676588582%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/4080401b05044679bd7712338bc313b8/1652676588582/0/img?tpid=42&gdpr=0&tpuid=8624539296363438648
Request Chain 658
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=9489f61c4e56cce0af39f0e98d685d532de4454ba59b988a0383cb4620befb11&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4080401b05044679bd7712338bc313b8%2F1652676588582%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=72556129-2dc0-4ecf-b2d8-03c8076df7ed&gdpr=0
Request Chain 671
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=77b3d96f99c0b77a98866c779d305d0b7e876a32ebf24ead3cff08eb63206761&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4080401b05044679bd7712338bc313b8%2F1652676588582%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=a9356281-d7ec-4400-bbc8-84d07d67853e&gdpr=0&gdpr_consent=
Request Chain 685
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=0fa804f0af57e30a1ebda4326cf1c42cdeef57465904b32ac882c2c72f3e9dca&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4080401b05044679bd7712338bc313b8%2F1652676588582%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/4080401b05044679bd7712338bc313b8/1652676588582/0/img?uid=0fa804f0af57e30a1ebda4326cf1c42cdeef57465904b32ac882c2c72f3e9dca&tpid=38&gdpr=0&tpuid=CAESEDzh0IpsNWjj_gNl5hhkHLQ&google_cver=1
Request Chain 686
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=9c899cc0951eaec0dd77db1325d67ec78e5d4a297884724422f0fac34b5766df&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4080401b05044679bd7712338bc313b8%2F1652676588582%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking-a.dsp.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=9c899cc0951eaec0dd77db1325d67ec78e5d4a297884724422f0fac34b5766df&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4080401b05044679bd7712338bc313b8%2F1652676588582%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/4080401b05044679bd7712338bc313b8/1652676588582/0/js?tpid=48&tpuid=fc34556a4f86c2f31e79926eb6c38a91
Request Chain 696
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=zdorovia.com.ua&sn=ChromeSyncframe&so=0&topUrl=zdorovia.com.ua&cw=1&lsw=1&topicsavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=OeE0InxZY2h0M2hsdmt4OVp1T0NObml0a1JBdGlZeVpOenYxZm85UzFWV0VtUXh2dWNnZ3RUeU1aTldqeEc5UjVWRzQ4YzV5TytXaGV2azYyVFhHVk12MHN3VVFNTmVqNEtyejhZVWFEb1h1ZWRBbFJkdlV6UkRjb0dxUGNOTnFZSFg0YXRodDMyVktxVXBzVUJPTmFocHQvSkl6WElMT01JZHROQmZuMVpCMkh6dVgvUWkxN1pTOUErejBZQXdYeWZqZHAwZm1CeHIrSUNXdk85WG5wWEtjcXRFY0Q3RDNOYWF5VElFMUFLZ1k5WWZIVmoweUJKczJiSHFockVrWWlDRWplTEs0d29iM0hiay8yd2JsTjV2SzlKQT09fA&cppv=2

704 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
zdorovia.com.ua/ 		89 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 / PHP/5.4.45-0+deb7u14
Resource Hash
2d51ad1e501159b88be94d248854ab44ad9193fb429f7f6d7e40941c223a6639

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=Windows-1251
Date
Mon, 16 May 2022 04:49:45 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.12.1
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.45-0+deb7u14
cache-control
private
video-js.min.css
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ 		38 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/video-js.min.css
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
0e1f8ae81889e837e923d788176d1ffb9a5b8b766a45e699326a8d5b6e9a5686

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:45 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-9996"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39318
Expires
Wed, 15 Jun 2022 04:49:45 GMT
videojs-ie8.min.js
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ie8/ 		27 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ie8/videojs-ie8.min.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
2364e3bf74552def676f1c5086eca57ad57ea116854a53d324d59ae503c4c05b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:45 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-6a8f"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27279
Expires
Wed, 15 Jun 2022 04:49:45 GMT
video.min.js
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ 		267 KB
267 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/video.min.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
518044b9079d6b70b8997035cc0d9b69d8e578f1b2ec43c8cc06e819f58857a1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:45 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-42b5b"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
273243
Expires
Wed, 15 Jun 2022 04:49:45 GMT
youtube.min.js
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/ 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/youtube.min.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
a5a4d7ec31e1eafeba8c3ab6589cf8b8b2b624b4c1afb7a62428aff04ada249e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:45 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-30ec"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12524
Expires
Wed, 15 Jun 2022 04:49:45 GMT
core-mama.css
zdorovia.com.ua/templates/default3/css/ 		64 KB
64 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
4ad0a1d9bb20358be18ad374a563021cb030d5d7ef1d1fb52c05a187340bce6d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:45 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-10047"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65607
Expires
Wed, 15 Jun 2022 04:49:45 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.5.2/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js?ver=3.3.2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 14 May 2022 09:52:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
154651
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
30082
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="hosted-libraries-pushers"
Expires
Sun, 14 May 2023 09:52:14 GMT
jcarousellite_1.0.1_mod.js
zdorovia.com.ua/templates/default3/css/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/templates/default3/css/jcarousellite_1.0.1_mod.js?ver=3.3.2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
548e4669812ab53bae5e50eee71c0d6d951b6dd8e5176cb8c08c36ce3dbf37d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:45 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-10d9"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4313
Expires
Wed, 15 Jun 2022 04:49:45 GMT
scripts.js
zdorovia.com.ua/templates/default3/css/ 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/templates/default3/css/scripts.js?ver=3.3.2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
d57b72eab46863e9c71c04589510c2e4b8e68d928f054421bddc11b8a0102a02

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:45 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-4055"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16469
Expires
Wed, 15 Jun 2022 04:49:45 GMT
media.js
zdorovia.com.ua/templates/default3/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/templates/default3/js/media.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:45 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
functions.js
zdorovia.com.ua/engine/includes/js/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/includes/js/functions.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b45c62c7ea907efdd19b2ba950d0a8f261a514e34195a1e3b547ba8876b83862

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:45 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-32f0"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13040
Expires
Wed, 15 Jun 2022 04:49:45 GMT
ajax.js
zdorovia.com.ua/engine/includes/js/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/includes/js/ajax.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
99507b31a0efe2b33d28b8eefe8aab9c7a38fb3a22ac8bd5a6732b515ed72c37

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:45 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-1d7d"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7549
Expires
Wed, 15 Jun 2022 04:49:45 GMT
loader2.js
scripts.go2net.com.ua/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1bad7fa0d48ce03296d646f87a1e3355336fe122165039d769119b0189db4014

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Mon, 16 May 2022 04:49:46 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 11:57:48 GMT
server
nginx
etag
W/"626a813c-2c101"
x-cached-since
2022-05-14T15:26:20+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Fri, 06 May 2022 15:35:57 GMT
loader2.js
cdn.admixer.net/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1bad7fa0d48ce03296d646f87a1e3355336fe122165039d769119b0189db4014

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Mon, 16 May 2022 04:49:46 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 11:57:48 GMT
server
nginx
etag
W/"626a813c-2c101"
x-cached-since
2022-05-16T04:46:57+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Thu, 05 May 2022 21:58:18 GMT
loading.gif
zdorovia.com.ua/templates/default3/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/images/loading.gif
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b70c6c2ed793b5c4a9e9a7d543b489f810cfbcfba4fa326fc5730d2291fc5e38

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:45 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-6f7"
Content-Type
image/gif
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1783
Expires
Wed, 15 Jun 2022 04:49:45 GMT
a356aae96d1a861797f4b1da07acd34f_large1.jpg
zdorovia.com.ua/uploads/dsn/df/54/002/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/df/54/002/a356aae96d1a861797f4b1da07acd34f_large1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
1090c2dfa60066448236e51383f97e00308bc61313e840c843e34b3eba31b3f6

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:45 GMT
Last-Modified
Fri, 13 May 2022 20:01:37 GMT
Server
nginx/1.12.1
ETag
"627eb921-6545"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25925
Expires
Wed, 15 Jun 2022 04:49:45 GMT
1eb4578863d6226c162ae287cfd4d565-quality_100xresize_1xallow_enlarge_0xw_700xh_01.jpg
zdorovia.com.ua/uploads/dsn/71/a1/002/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/71/a1/002/1eb4578863d6226c162ae287cfd4d565-quality_100xresize_1xallow_enlarge_0xw_700xh_01.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
c402e09ab2026afa74c8105b97c2d2ba657bbe0da64933f03e4696af00136a0e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:45 GMT
Last-Modified
Thu, 12 May 2022 20:54:17 GMT
Server
nginx/1.12.1
ETag
"627d73f9-b576"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46454
Expires
Wed, 15 Jun 2022 04:49:45 GMT
1409305062-2165-golova-migren1.jpg
zdorovia.com.ua/uploads/dsn/73/c3/001/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/73/c3/001/1409305062-2165-golova-migren1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
e63e2b040841c4ea072961cdb4a62a2f9307c2b766d3fd285155002ad8a73370

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:45 GMT
Last-Modified
Wed, 11 May 2022 19:31:28 GMT
Server
nginx/1.12.1
ETag
"627c0f10-40bb"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16571
Expires
Wed, 15 Jun 2022 04:49:45 GMT
5m7ruw-2x0-900x600-vfwlvp3l6v3lc2ppyugkgnaw35jcsshn1.jpg
zdorovia.com.ua/uploads/dsn/eb/c1/002/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/eb/c1/002/5m7ruw-2x0-900x600-vfwlvp3l6v3lc2ppyugkgnaw35jcsshn1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
9250a3c3d3277937e35b82dc600ff12273d0e713f77d3a30361836c649e27828

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:45 GMT
Last-Modified
Mon, 09 May 2022 20:27:10 GMT
Server
nginx/1.12.1
ETag
"6279791e-58ce"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22734
Expires
Wed, 15 Jun 2022 04:49:45 GMT
1397412959_37421_dr1.jpg
zdorovia.com.ua/uploads/dsn/74/bc/001/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/74/bc/001/1397412959_37421_dr1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
1495e7f83e3901d2eff7595812095e993ff634288ceffc261f4285990d7398a4

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:45 GMT
Last-Modified
Sun, 08 May 2022 20:48:27 GMT
Server
nginx/1.12.1
ETag
"62782c9b-5910"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22800
Expires
Wed, 15 Jun 2022 04:49:45 GMT
1629567929_podgotovka-rozliv-hranenie-i-vyderzhka-vina-retina1.jpg
zdorovia.com.ua/uploads/dsn/c8/09/002/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/c8/09/002/1629567929_podgotovka-rozliv-hranenie-i-vyderzhka-vina-retina1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
647e173570984b1d83e27313956e816fd7daab276dcf384556dd07d6c5703af4

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Sat, 07 May 2022 19:56:25 GMT
Server
nginx/1.12.1
ETag
"6276cee9-9d82"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
40322
Expires
Wed, 15 Jun 2022 04:49:46 GMT
2069951.jpg
zdorovia.com.ua/uploads/dsn/2c/e7/001/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/2c/e7/001/2069951.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b30af8b3634fafdaa43577e8bf5d29485818d18cb22a4fd2a0ab08f9c8ed325e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Fri, 06 May 2022 18:27:30 GMT
Server
nginx/1.12.1
ETag
"62756892-4627"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17959
Expires
Wed, 15 Jun 2022 04:49:46 GMT
madrid.jpg
zdorovia.com.ua/uploads/dsn/e4/09/003/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/e4/09/003/madrid.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
e760cc70aa82d03ecbb3f7c1a228e2229dbaa94b232c230fcaee2ae2b4aa7e8a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Sun, 27 Feb 2022 11:06:17 GMT
Server
nginx/1.12.1
ETag
"621b5b29-7236"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29238
Expires
Wed, 15 Jun 2022 04:49:46 GMT
ivzhao.jpg
zdorovia.com.ua/uploads/dsn/d0/d9/001/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/d0/d9/001/ivzhao.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
15b25322c978807eb0a01f7831091fd4b9add03a28f48236d309b42050a1aeac

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Sat, 26 Feb 2022 13:02:08 GMT
Server
nginx/1.12.1
ETag
"621a24d0-77ae"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30638
Expires
Wed, 15 Jun 2022 04:49:46 GMT
ziimaa.jpg
zdorovia.com.ua/uploads/dsn/27/b1/001/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/27/b1/001/ziimaa.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
17cbb5ff7abf82890eacd6dd6cdfaf4ea2e7f6dcd3dea4082d8cd3b290e251ee

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Mon, 10 Jan 2022 11:53:19 GMT
Server
nginx/1.12.1
ETag
"61dc1e2f-5fd2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24530
Expires
Wed, 15 Jun 2022 04:49:46 GMT
poomadi.jpg
zdorovia.com.ua/uploads/dsn/98/11/003/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/98/11/003/poomadi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
dccaeb8aa4f4c779e6d9f2b0d51445b928b8f3d5275f673ea8f9559348dbe612

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Sun, 10 Oct 2021 16:18:32 GMT
Server
nginx/1.12.1
ETag
"61631258-3506"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13574
Expires
Wed, 15 Jun 2022 04:49:46 GMT
ukra.jpg
zdorovia.com.ua/uploads/dsn/d3/8d/001/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/d3/8d/001/ukra.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
641f868e8046a0df91150d538385b89a10efcd41c7da0a8ae180d68f725ab8b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Wed, 29 Sep 2021 06:17:59 GMT
Server
nginx/1.12.1
ETag
"61540517-560c"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22028
Expires
Wed, 15 Jun 2022 04:49:46 GMT
kor.jpg
zdorovia.com.ua/uploads/dsn/3b/80/005/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/3b/80/005/kor.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
8a08cb864af8c4a6ef3e24802901f7874e0c114c820c1c18bc09abeab75f6fe6

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Wed, 08 Sep 2021 08:44:53 GMT
Server
nginx/1.12.1
ETag
"61387805-4f89"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20361
Expires
Wed, 15 Jun 2022 04:49:46 GMT
doglyad.jpg
zdorovia.com.ua/uploads/dsn/dd/14/018/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/dd/14/018/doglyad.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b238ff3fb792b2efa823989c3273b89670a87da10632d6be9c81c43206f86fdf

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Fri, 29 Jan 2021 10:09:42 GMT
Server
nginx/1.12.1
ETag
"6013dee6-4655"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18005
Expires
Wed, 15 Jun 2022 04:49:46 GMT
shud.jpg
zdorovia.com.ua/uploads/dsn/9f/63/014/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/9f/63/014/shud.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f0caa9d92eaf74f0d6486888d5dffce099f088c30f6e5a567e3d58ef88e3c41a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Wed, 27 Jan 2021 13:56:56 GMT
Server
nginx/1.12.1
ETag
"60117128-3ff4"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16372
Expires
Wed, 15 Jun 2022 04:49:46 GMT
5.jpg
zdorovia.com.ua/uploads/dsn/03/2b/055/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/03/2b/055/5.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
61bdfd54a6b568d5a806fc9347514ca721b887d02f7458bb3b0a15165e9b2612

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Fri, 15 Jan 2021 10:50:41 GMT
Server
nginx/1.12.1
ETag
"60017381-84f8"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34040
Expires
Wed, 15 Jun 2022 04:49:46 GMT
vpravi.jpeg
zdorovia.com.ua/uploads/dsn/9f/e0/005/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/9f/e0/005/vpravi.jpeg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
0b0853387e622dd1fac85a34065405e79d48746886bdcafd942998f0664cd7a7

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Fri, 27 Nov 2020 14:04:14 GMT
Server
nginx/1.12.1
ETag
"5fc1075e-4049"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16457
Expires
Wed, 15 Jun 2022 04:49:46 GMT
b03af6c2bdab3173da68203c5fe1f71c8cdd899b1.jpg
zdorovia.com.ua/uploads/dsn/41/69/002/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/41/69/002/b03af6c2bdab3173da68203c5fe1f71c8cdd899b1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
0dc2a95d49f4854773ee37f6c1168a9e90d639f81b882b0327f490c291a9cfa3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Mon, 18 Apr 2022 19:59:33 GMT
Server
nginx/1.12.1
ETag
"625dc325-3b39"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15161
Expires
Wed, 15 Jun 2022 04:49:46 GMT
8a8e43085b0550d25e3865ac22b6dd60fe8e54dd1.jpg
zdorovia.com.ua/uploads/dsn/09/11/001/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/09/11/001/8a8e43085b0550d25e3865ac22b6dd60fe8e54dd1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
2590c37a8df25d2ec796796a32a393e14a7fa4b5d6edd5529f6c05d4ec0b2692

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Mon, 11 Apr 2022 21:30:23 GMT
Server
nginx/1.12.1
ETag
"62549def-2ea4"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11940
Expires
Wed, 15 Jun 2022 04:49:46 GMT
0d3fa784b550cf7d1a6afe00dd81dafa1.jpg
zdorovia.com.ua/uploads/dsn/c2/6d/002/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/c2/6d/002/0d3fa784b550cf7d1a6afe00dd81dafa1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f470890abb6f3f3a73f8137cfefe750e432fb04462995192c7388ea1c7e4fe8b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Thu, 06 Jan 2022 20:09:55 GMT
Server
nginx/1.12.1
ETag
"61d74c93-814b"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33099
Expires
Wed, 15 Jun 2022 04:49:46 GMT
c99af04251d77ccba2694c784f28943e111ba0702.jpg
zdorovia.com.ua/uploads/dsn/f2/b9/003/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/f2/b9/003/c99af04251d77ccba2694c784f28943e111ba0702.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
140666625531e941e900caa4637eb21c39c9c812865382ca1ee0ceb764901502

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Thu, 07 Apr 2022 18:23:42 GMT
Server
nginx/1.12.1
ETag
"624f2c2e-369f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13983
Expires
Wed, 15 Jun 2022 04:49:46 GMT
1629667305_kak-primenyat-s.jpg
zdorovia.com.ua/uploads/dsn/e6/75/002/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/e6/75/002/1629667305_kak-primenyat-s.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
1a6715bf3bc40105127d000e3b0336b0f8ec406acbb39fcf6df9a62191f6c153

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Fri, 22 Apr 2022 14:00:30 GMT
Server
nginx/1.12.1
ETag
"6262b4fe-5f32"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24370
Expires
Wed, 15 Jun 2022 04:49:46 GMT
zhcam.jpg
zdorovia.com.ua/uploads/dsn/86/c4/001/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/86/c4/001/zhcam.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
34d691926abe24d70abec9c7a2b98926124f8f74a26ccc79de123e5dc57dc55d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Sat, 23 Apr 2022 07:08:44 GMT
Server
nginx/1.12.1
ETag
"6263a5fc-5aaa"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23210
Expires
Wed, 15 Jun 2022 04:49:46 GMT
atdftm.jpg
zdorovia.com.ua/uploads/dsn/a1/30/003/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/a1/30/003/atdftm.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
fdb736764b48613a841948cd49bbd20c0f8cae7ce14433cb382de518f0af9e62

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Thu, 21 Apr 2022 13:57:16 GMT
Server
nginx/1.12.1
ETag
"626162bc-5291"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21137
Expires
Wed, 15 Jun 2022 04:49:46 GMT
20180408_1456421.jpg
zdorovia.com.ua/uploads/dsn/dd/87/001/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/dd/87/001/20180408_1456421.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
8d0351181325bff073fa94bff8b6f3b330d41f1a9aa25fc29480fa685318e577

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Sun, 24 Apr 2022 19:01:50 GMT
Server
nginx/1.12.1
ETag
"62659e9e-534f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21327
Expires
Wed, 15 Jun 2022 04:49:46 GMT
rli.jpg
zdorovia.com.ua/uploads/dsn/84/f8/003/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/84/f8/003/rli.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
9bb6da85068d70193dd6af030824d7f2ce75955c929ce1c46b4a2afe30961f31

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Thu, 05 May 2022 17:29:33 GMT
Server
nginx/1.12.1
ETag
"6274097d-628f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25231
Expires
Wed, 15 Jun 2022 04:49:46 GMT
clzhkoa4.jpg
zdorovia.com.ua/uploads/dsn/48/e5/002/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/48/e5/002/clzhkoa4.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
6337835d6b5bf7f137ef7e02350b65ddfbd4d121041a08bf4867685cd7c9b098

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Sun, 15 May 2022 18:40:02 GMT
Server
nginx/1.12.1
ETag
"62814902-5a95"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23189
Expires
Wed, 15 Jun 2022 04:49:46 GMT
ivdra.jpg
zdorovia.com.ua/uploads/dsn/05/a5/001/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/05/a5/001/ivdra.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
ad244a6483c52bf77ab783f6e009da7a1af287a04d572600cf65176a3c4f9c1b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Sun, 15 May 2022 18:36:04 GMT
Server
nginx/1.12.1
ETag
"62814814-6d0d"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27917
Expires
Wed, 15 Jun 2022 04:49:46 GMT
630_360_1632307878-8171.jpg
zdorovia.com.ua/uploads/dsn/b3/b2/005/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/b3/b2/005/630_360_1632307878-8171.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
0410a3477d628d71c44f55674e1affc0aeaa46c5998b8e0d09f31ff7321ae356

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Sun, 15 May 2022 18:19:26 GMT
Server
nginx/1.12.1
ETag
"6281442e-612f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24879
Expires
Wed, 15 Jun 2022 04:49:46 GMT
zhlucat4.jpg
zdorovia.com.ua/uploads/dsn/cc/f3/001/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/cc/f3/001/zhlucat4.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
8af7879cf41c6f0f83b11522fec6d3b641de4911427b895ab14b9100a55d0e2b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Sun, 15 May 2022 12:38:12 GMT
Server
nginx/1.12.1
ETag
"6280f434-7b8d"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31629
Expires
Wed, 15 Jun 2022 04:49:46 GMT
do-chogo-snit-sya-yabluka-traktuvannya-snu-za-r-znimi-sonnikam-scho-oznacha-zbirati-abo-gotuvati-sma
zdorovia.com.ua/uploads/dsn/e0/41/001/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/e0/41/001/do-chogo-snit-sya-yabluka-traktuvannya-snu-za-r-znimi-sonnikam-scho-oznacha-zbirati-abo-gotuvati-sma
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 / PHP/5.4.45-0+deb7u14
Resource Hash
accec248141e0b60f1b72b2d2b4d4ce1e1298311b92ea21b834bc9cf0ca56e7a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:46 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
X-Powered-By
PHP/5.4.45-0+deb7u14
Transfer-Encoding
chunked
Content-Type
text/html; charset=Windows-1251
cache-control
private
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
1_311.jpg
zdorovia.com.ua/uploads/dsn/4f/57/001/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/4f/57/001/1_311.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
bb56899b55f642bb02aae32457bd6f1eef1a51579329276fc6f51f675f3263f5

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Thu, 05 May 2022 19:33:17 GMT
Server
nginx/1.12.1
ETag
"6274267d-59db"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23003
Expires
Wed, 15 Jun 2022 04:49:46 GMT
obesity_kids1.jpg
zdorovia.com.ua/uploads/dsn/0e/88/001/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/0e/88/001/obesity_kids1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
a3a815c91ebca454c2d4f67fee2bc7f95b770c7537d7214850d6f0e0661e5113

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Thu, 05 May 2022 19:45:44 GMT
Server
nginx/1.12.1
ETag
"62742968-2dc4"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11716
Expires
Wed, 15 Jun 2022 04:49:46 GMT
style.css
zdorovia.com.ua/engine/plugins/diseases/style/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/diseases/style/style.css
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
306d5342ca0b82a5881ce148bbd99134d736d0fa462a683e56503801e36fdd93

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:45 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-121b"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4635
Expires
Wed, 15 Jun 2022 04:49:45 GMT
style.css
zdorovia.com.ua/engine/plugins/medicines/style/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/medicines/style/style.css
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
234974ef7ff86c2e11dc738796ccf88501649f864fad7d2d30b45f10211cb8c8

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:45 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-135c"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4956
Expires
Wed, 15 Jun 2022 04:49:45 GMT
4630_1.jpg
zdorovia.com.ua/uploads/images/default/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/images/default/4630_1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
8b2ab6a7fe3ae86fb84fb7cebcf072592cef358bb73db32fdf2acc0758d63539

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-78ec"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30956
Expires
Wed, 15 Jun 2022 04:49:46 GMT
7849_vk.jpg
nashamama.com/uploads/images/default/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nashamama.com/uploads/images/default/7849_vk.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
aa2e6d7260e270393b7b3f3426f0c8217e6eda69d9fbe7bfaf07de071cfc024f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Sun, 21 Dec 2014 01:49:38 GMT
Server
nginx/1.12.1
ETag
"54962732-3463"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13411
Expires
Wed, 15 Jun 2022 04:49:46 GMT
1540_fb.jpg
nashamama.com/uploads/images/default/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nashamama.com/uploads/images/default/1540_fb.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
eb49762bac0f22b332fc93eb47e3e4799e052b05f07073b8be9f1616baf75162

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Sun, 21 Dec 2014 01:49:30 GMT
Server
nginx/1.12.1
ETag
"5496272a-33c2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13250
Expires
Wed, 15 Jun 2022 04:49:46 GMT
5194_tv.jpg
nashamama.com/uploads/images/default/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nashamama.com/uploads/images/default/5194_tv.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b3d07383eaafa1a28161e0d58a2cce46a6adb2836603eea46f3676b54cc0cd49

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Sun, 21 Dec 2014 01:49:47 GMT
Server
nginx/1.12.1
ETag
"5496273b-359d"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13725
Expires
Wed, 15 Jun 2022 04:49:46 GMT
3_1_3.png
i.i.ua/r/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.i.ua/r/3_1_3.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a46e02aed78b4773f4039ad8807da53fed0c2384a53b5e2afe6ad6ada85d4336

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:45 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 28 Sep 2006 16:33:08 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
70c17d163ee654b1-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
2143
Expires
Mon, 15 May 2023 04:58:06 GMT
logo
counter.yadro.ru/ 		672 B
896 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://counter.yadro.ru/logo?57.1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
0W/0.8c /
Resource Hash
3e25b0478e495776aeb31dbca4c92a9bffbad68161f91e261ef88aaf4ea2dd71

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Sun, 09 Sep 2001 01:46:40 GMT
Server
0W/0.8c
Connection
Close
Content-Type
image/gif
Content-Length
672
Expires
Mon, 15 May 2023 21:00:00 GMT
iframe_api
www.youtube.com/ 		980 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/youtube.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a0de96edd269b462677718d11e8f5f9548eb683ae07234e891e8e03ba1aeadd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Mon, 16 May 2022 04:49:46 GMT
vast.js
cdn.admixer.net/scripts3/r/ 		136 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.admixer.net/scripts3/r/vast.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e2cbfcacc9d5d0f8871ee8f217873a4dc579c80403940429af11fbe2ec021b12

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-ID
fr5-up-gc32
Date
Mon, 16 May 2022 04:49:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2018 13:43:44 GMT
Server
nginx
ETag
W/"5a60a490-21e4b"
Vary
Accept-Encoding
X-Cached-Since
2022-05-06T15:11:31+00:00
Content-Type
application/javascript
Cache-Control
max-age=31622400
Transfer-Encoding
chunked
Connection
keep-alive
Cache
HIT
Expires
Sun, 07 May 2023 15:11:31 GMT
branding
a4p.adpartner.pro/
Redirect Chain
  • http://a4p.adpartner.pro/branding?id=1550&0.5118770847774199
  • https://a4p.adpartner.pro/branding?id=1550&0.5118770847774199
11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/branding?id=1550&0.5118770847774199
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
64a30eed5ef4a2b99ad87961c11feea289400aa8c202c40276b9c1c778d73c70

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:46 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8

Redirect headers

Location
https://a4p.adpartner.pro/branding?id=1550&0.5118770847774199
Date
Mon, 16 May 2022 04:49:46 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
162
Content-Type
text/html
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1504
date
Mon, 16 May 2022 04:24:42 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Mon, 16 May 2022 06:24:42 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
hit
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u043...
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u04...
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u...
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.7381198854657676
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:46 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 15 May 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:46 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.7381198854657676
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Sat, 15 May 2021 21:00:00 GMT
s
r.i.ua/ 		43 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://r.i.ua/s?u152465&p0&n0.9329592963503675&c1&d24&w1600&h1200&rzdorovia.com.ua/
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:46 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
P3P
policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
CF-RAY
70c17d163bf73622-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires
0
/
zdorovia.com.ua/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 / PHP/5.4.45-0+deb7u14
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:46 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
X-Powered-By
PHP/5.4.45-0+deb7u14
Transfer-Encoding
chunked
Content-Type
text/html; charset=Windows-1251
cache-control
private
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
header-searchform-button.png
zdorovia.com.ua/templates/default3/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/img/header-searchform-button.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
e58dd6001ec35b05f71949fda9688eaf3a6a9e01a60f07b7bc99dd030485735c

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-ba5"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2981
Expires
Wed, 15 Jun 2022 04:49:46 GMT
logo-header.png
zdorovia.com.ua/templates/default3/images/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/images/logo-header.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
a29306e7be8b3e743bf8a8431491142e215bf9bb31a004b13f591a4e1c9acc06

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-67ad"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26541
Expires
Wed, 15 Jun 2022 04:49:46 GMT
arrows.png
zdorovia.com.ua/templates/default3/img/ 		251 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/img/arrows.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
d485c4dc543229efe5d97016e8b0efec6824111dbc9aca88d586ece94fa7ab11

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-fb"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
251
Expires
Wed, 15 Jun 2022 04:49:46 GMT
page.php
www.facebook.com/plugins/ Frame AB67 		15 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
242b3e5dbf9a7e9fcd7707a74cbae93f256e024a7a5146ebe3fb51fc3720d43e
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Mon, 16 May 2022 04:49:46 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
QtAxtv79Cq1EqBCZgNRegqiJbXrI5JJwq73toMav8j2640sB23p/kC5r4tfACRZ8x7yA9TpEESxu+jDPCpB2/w==
x-fb-rlafr
0
x-xss-protection
0
01.png
i.bigmir.net/cnt/
Redirect Chain
  • http://c.bigmir.net/?v16918126&s16916513&t1&c1&n988254&w0&y0&d24&r1600
  • http://i.bigmir.net/cnt/01.png
769 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.bigmir.net/cnt/01.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
rs.img.com.ua
Software
nginx /
Resource Hash
1dd7796d72b2353ca592f216dca81af1aff9eed564a0c1ed5d7555af6f3bb34d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Sun, 02 Oct 2005 23:04:59 GMT
Server
nginx
ETag
"4340679b-301"
Content-Type
image/png
Cache-Control
max-age=259200
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
769
Expires
Thu, 19 May 2022 04:49:46 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:46 GMT
Server
nginx
Transfer-Encoding
chunked
Location
//i.bigmir.net/cnt/01.png
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
link-arrow.png
zdorovia.com.ua/templates/default3/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/img/link-arrow.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
1c25aef47c67b97e59beabef6f8710905a2cfa67f9579478ebde8bee5ffb57d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-bcd"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3021
Expires
Wed, 15 Jun 2022 04:49:46 GMT
www-widgetapi.js
www.youtube.com/s/player/00e475bf/www-widgetapi.vflset/ 		154 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/00e475bf/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20633ce2674a5b0272d9b4e0b4a037919868fc47b589265b14b8a8fcd5907e83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 03:40:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
4182
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51172
x-xss-protection
0
last-modified
Thu, 12 May 2022 00:17:03 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 16 May 2023 03:40:04 GMT
Hq7X--n9goh.css
static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ Frame AB67 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/Hq7X--n9goh.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
46a61fca4d294fbda28ab31127527ce9650a22b94f6482fa35afffc6b91103a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:46 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
DzBNDzFUXU9cQf25NqkGbQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4673
x-fb-rlafr
0
x-fb-debug
CAn04mGVu7AtD1cH9jghLESLze9v6NcgBN5JSdVV1AFIRnl7iD3SWM9Fo8Q0yy21xyrHGazsHsgCQ8XFU38WyA==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 14 May 2023 14:43:28 GMT
ga-audiences
www.google.co.uk/ads/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2043399343&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmd...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2043399343&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utm...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37123827-1&cid=295295263.1652676586&jid=69086822&_v=5.7.2&z=2043399343
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=295295263.1652676586&jid=69086822&_v=5.7.2&z=2043399343
  • https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=295295263.1652676586&jid=69086822&_v=5.7.2&z=2043399343&slf_rd=1&random=1177096040
42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=295295263.1652676586&jid=69086822&_v=5.7.2&z=2043399343&slf_rd=1&random=1177096040
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
2a00:1450:4014:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:46 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=295295263.1652676586&jid=69086822&_v=5.7.2&z=2043399343&slf_rd=1&random=1177096040
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.html
cdn.admixer.net/scripts3/45890/ Frame D9D1 		738 B
509 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/45890/c.html?b=45890
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Mon, 16 May 2022 04:49:46 GMT
etag
W/"626a814d-2e2"
expires
Sat, 06 May 2023 21:00:10 GMT
last-modified
Thu, 28 Apr 2022 11:58:05 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-05T21:00:10+00:00
x-id
fr5-up-gc38
376cef9bc739cb759b1b.b.js
scripts.go2net.com.ua/scripts3/45890/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/45890/376cef9bc739cb759b1b.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1e1684520b8ad979cf79d9bcf1c1b699161e6e3785698d2ab91c7c58df799a88

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Mon, 16 May 2022 04:49:46 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 11:57:56 GMT
server
nginx
etag
W/"626a8144-5d41"
vary
Accept-Encoding
x-cached-since
2022-05-14T15:31:39+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Sun, 07 May 2023 15:30:09 GMT
8fa10895f61293c9aa16.b.js
scripts.go2net.com.ua/scripts3/45890/ 		75 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/45890/8fa10895f61293c9aa16.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
98d456b12b8a6c3e1fcd81c680cefefbb38eaeec25d85a31757ac2417b2ff2e2

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Mon, 16 May 2022 04:49:46 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 11:58:01 GMT
server
nginx
etag
W/"626a8149-12a41"
vary
Accept-Encoding
x-cached-since
2022-05-14T15:31:39+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Sun, 07 May 2023 15:30:09 GMT
c.html
cdn.admixer.net/scripts3/45890/ Frame 2AA7 		738 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/45890/c.html?b=45890
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Mon, 16 May 2022 04:49:46 GMT
etag
W/"626a814d-2e2"
expires
Sat, 06 May 2023 21:00:10 GMT
last-modified
Thu, 28 Apr 2022 11:58:05 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-05T21:00:10+00:00
x-id
fr5-up-gc38
branding.min.js
a4p.adpartner.pro/apstc/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.423
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.5118770847774199
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:46 GMT
cache-control
no-store no-transform
last-modified
Tue, 15 Mar 2022 16:47:24 GMT
server
nginx
content-encoding
br
etag
W/"6230c31c-35bf"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame E360 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.5118770847774199
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Mon, 16 May 2022 04:49:47 GMT
server
nginx
ls
a4p.adpartner.pro/branding/ Frame 5D29 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=2156640030855472&apuid=994efe04-d65e-470d-805e-cbccac7770d7&session_pageview=1&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.5118770847774199
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
9cbbc8d6a02b1cdfcb290a83714f282e1d965071a900ee0ef5c693d436e7db12

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 16 May 2022 04:49:46 GMT
server
nginx
analytics.js
www.google-analytics.com/ Frame 5D29 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=2156640030855472&apuid=994efe04-d65e-470d-805e-cbccac7770d7&session_pageview=1&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a4p.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1837
date
Mon, 16 May 2022 04:19:09 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 16 May 2022 06:19:09 GMT
branding
a4p.adpartner.pro/ Frame 5D29 		1 KB
888 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/branding?id=1550&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&session_pageview=1&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=2156640030855472&apuid=994efe04-d65e-470d-805e-cbccac7770d7&session_pageview=1&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
2300f99205a0a4004085fc99b5f13b524c1e56c7ea7dd7a2c3d2d863020fe601

Request headers

Referer
https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=2156640030855472&apuid=994efe04-d65e-470d-805e-cbccac7770d7&session_pageview=1&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 16 May 2022 04:49:46 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
dsp.aspx
inv-nets.admixer.net/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=8952827176173650&cpv=6ee9cc20-4849-f187-e4dd-df842a12e90d&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%2204fb9549-534a-b446-9521-e985d914ea3e%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2210b2eab9-b646-36ff-a237-d0097b9c22df%22%2C%22tagid%22%3A%222d179f8a-367f-49ed-9a1f-d77deb57f009%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_2d179f8a367f49ed9a1fd77deb57f009_zone_2586_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22c4f4cc3a-c3c2-acf9-a689-6343dd98c171%22%2C%22tagid%22%3A%22cdadfe55-ba49-47d5-9918-cc04aa357b98%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_cdadfe55ba4947d59918cc04aa357b98_zone_3636_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%2232c05893-b3da-ceb9-bada-ca779b807d25%22%2C%22tagid%22%3A%2293ae9d99-966b-415b-9964-9dc2489da01f%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_93ae9d99966b415b99649dc2489da01f_zone_6048_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A3%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
fa2cd6f1dc1815d3360bded1a8852769bafa9af71a950442881a7ea60ccc50a1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
2234
X-Xss-Protection
0
dsp.aspx
ads.go2net.com.ua/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=345152308712262.1&cpv=6ee9cc20-4849-f187-e4dd-df842a12e90d&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22397ad5ef-5efe-ac9b-211f-aa8d0f9d4ee0%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222c71c605-d41d-a5ef-9d08-58cafb4bcb64%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%2C%7B%22id%22%3A%22418d604f-9c70-1e4d-4dc1-4d20f8f3ce52%22%2C%22tagid%22%3A%22211243eb-11ba-464c-a0c6-ba847f55b0ad%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_211243eb11ba464ca0c6ba847f55b0ad_zone_13175_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A2%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
c44e7c9d91d2218825207d7854aa4b8d29eebd6205fcaf2d63c516ca0154dee2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
2961
X-Xss-Protection
0
background_empty.jpg
file.adpartner.pro/2297/2297845/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.adpartner.pro/2297/2297845/background_empty.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:46 GMT
last-modified
Fri, 03 Dec 2021 11:35:48 GMT
server
nginx
etag
"61aa0114-3439"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
13369
if
a4p.adpartner.pro/tracker/ Frame 4ED2 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522994efe04-d65e-470d-805e-cbccac7770d7%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%2522bca0a493-1a2c-4e8f-8b0a-59f644495689%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522bca0a493-1a2c-4e8f-8b0a-59f644495689%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Mon, 16 May 2022 04:49:46 GMT
expires
0
pragma
no-cache
server
nginx
e1eee23f36481a69453f.b.js
scripts.go2net.com.ua/scripts3/45890/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/45890/e1eee23f36481a69453f.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Mon, 16 May 2022 04:49:46 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 11:58:07 GMT
server
nginx
etag
W/"626a814f-702f"
vary
Accept-Encoding
x-cached-since
2022-05-14T15:31:41+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Sun, 07 May 2023 15:30:11 GMT
fdabe098f34289659a17.b.js
scripts.go2net.com.ua/scripts3/45890/ 		42 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/45890/fdabe098f34289659a17.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Mon, 16 May 2022 04:49:46 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 11:58:09 GMT
server
nginx
etag
W/"626a8151-a793"
vary
Accept-Encoding
x-cached-since
2022-05-14T15:31:41+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Sun, 07 May 2023 15:30:11 GMT
84011c43c3075e543c6d.b.js
scripts.go2net.com.ua/scripts3/45890/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/45890/84011c43c3075e543c6d.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Mon, 16 May 2022 04:49:46 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 11:58:01 GMT
server
nginx
etag
W/"626a8149-326c"
vary
Accept-Encoding
x-cached-since
2022-05-14T15:31:41+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Sun, 07 May 2023 15:30:11 GMT
7103cce7fa6705169441.b.js
scripts.go2net.com.ua/scripts3/45890/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/45890/7103cce7fa6705169441.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Mon, 16 May 2022 04:49:46 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 11:58:00 GMT
server
nginx
etag
W/"626a8148-2a79"
vary
Accept-Encoding
x-cached-since
2022-05-14T15:31:41+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Sun, 07 May 2023 15:30:11 GMT
362b590febf83073189a.b.js
scripts.go2net.com.ua/scripts3/45890/ 		215 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/45890/362b590febf83073189a.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
59fe052fa30275b48b087c29ee1e47022c320d5f4081d8e15015caee0f2a6283

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Mon, 16 May 2022 04:49:46 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 11:57:56 GMT
server
nginx
etag
W/"626a8144-35ac7"
vary
Accept-Encoding
x-cached-since
2022-05-14T15:31:41+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Sun, 07 May 2023 15:30:11 GMT
sync.html
s.adtelligent.com/ Frame E109 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=707176
Requested by
Host: inv-nets.admixer.net
URL: https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=8952827176173650&cpv=6ee9cc20-4849-f187-e4dd-df842a12e90d&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%2204fb9549-534a-b446-9521-e985d914ea3e%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2210b2eab9-b646-36ff-a237-d0097b9c22df%22%2C%22tagid%22%3A%222d179f8a-367f-49ed-9a1f-d77deb57f009%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_2d179f8a367f49ed9a1fd77deb57f009_zone_2586_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22c4f4cc3a-c3c2-acf9-a689-6343dd98c171%22%2C%22tagid%22%3A%22cdadfe55-ba49-47d5-9918-cc04aa357b98%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_cdadfe55ba4947d59918cc04aa357b98_zone_3636_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%2232c05893-b3da-ceb9-bada-ca779b807d25%22%2C%22tagid%22%3A%2293ae9d99-966b-415b-9964-9dc2489da01f%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_93ae9d99966b415b99649dc2489da01f_zone_6048_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A3%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:572:0:ec4:7aff:fecf:c440 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
3dcd7e67fe77122c0db287fa636be243c77387baa72e074b96414291cf18aeee

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
http://zdorovia.com.ua
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1179
Content-Type
text/html; charset=UTF-8
Date
Mon, 16 May 2022 04:49:46 GMT
Server
Adtelligent
X-Robots-Tag
noindex
1px-matching-go2net.gif
m.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=6deaa01ea694467c91fb456d0d463654
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=994efe04-d65e-470d-805e-cbccac7770d7
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=994efe04-d65e-470d-805e-cbccac7770d7
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=994efe04-d65e-470d-805e-cbccac7770d7
date
Mon, 16 May 2022 04:49:46 GMT
cache-control
no-store no-transform
server
nginx
content-length
190
content-type
text/html; charset=utf-8
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 May 2022 04:49:46 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
32f540592c6f5d89e450bc780e487e2a.gif
cs.mobfox.com/ 		42 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=6deaa01ea694467c91fb456d0d463654&redir=[RED]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.206 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:46 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D6deaa01ea694467c91fb456d0d463654
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D6deaa01ea694467c91fb456d0d463654&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTJBMjdDRTItNkVFRC00MEM2LUEwMkMtRTg3N0Y3Mzg2RTU1&gdpr=0&gdpr_consent=0
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTJBMjdDRTItNkVFRC00MEM2LUEwMkMtRTg3N0Y3Mzg2RTU1&gdpr=0&gdpr_consent=0&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=0
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=0
0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
104.36.113.35 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
content-length
0

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=0
date
Mon, 16 May 2022 04:49:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
odr.mookie1.com/t/v2/
Redirect Chain
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3D6deaa01ea694...
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=9c74822b-d4d3-11ec-87e6-801844df107c
  • https://x.bidswitch.net/ul_cb/sync?ssp=lemma&user_id=9c74822b-d4d3-11ec-87e6-801844df107c
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=43a463dd-7420-4b16-b08f-8612740af562&ssp=lemma&gdpr=&gdpr_consent=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=43a463dd-7420-4b16-b08f-8612740af562&ssp=lemma&gdpr=&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:47 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=43a463dd-7420-4b16-b08f-8612740af562&ssp=lemma&gdpr=&gdpr_consent=
Date
Mon, 16 May 2022 04:49:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58613/occ
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-ehqWdJlE2uFMrz3BNTXRCfDvM.kO8hRpe6JXVCg-~A
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-ehqWdJlE2uFMrz3BNTXRCfDvM.kO8hRpe6JXVCg-~A
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-ehqWdJlE2uFMrz3BNTXRCfDvM.kO8hRpe6JXVCg-~A
date
Mon, 16 May 2022 04:49:46 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cm-notify
creativecdn.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admixer
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:46 GMT, Mon, 16 May 2022 04:49:46 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://creativecdn.com/cm-notify?pi=admixer&tc=1
date
Mon, 16 May 2022 04:49:46 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YoHX6pnKchycMLvXJupRmwAAAogAAAIB
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YoHX6pnKchycMLvXJupRmwAAAogAAAIB
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:47 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YoHX6pnKchycMLvXJupRmwAAAogAAAIB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
304
Expires
Mon, 16 May 2022 04:49:47 GMT
admixer
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=6deaa01ea694467c91fb456d0d463654
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=6deaa01ea694467c91fb456d0d463654
43 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=6deaa01ea694467c91fb456d0d463654
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
168.119.8.212 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.212.8.119.168.clients.your-server.de
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
server
nginx
content-length
43
serverid
TODO
content-type
image/gif

Redirect headers

location
/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=6deaa01ea694467c91fb456d0d463654
date
Mon, 16 May 2022 04:49:46 GMT
server
nginx
etag
W/"cf413687fb27e695a79a2500faf67e83ed633aa4d389aa20f71fe60c2e60385e"
content-length
122
serverid
TODO
content-type
text/html; charset=utf-8
/
adx.adform.net/adx/
Redirect Chain
  • https://adx.adform.net/adx/?rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_110554&url=http%3A%2F%2Fzdorovia.com.ua%2F
  • https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_110554&url=http%3A%2F%2Fzdorovia.com.ua%2F
28 B
583 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_110554&url=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
be5274049f5af28679c254ca8bc1dd93e401ec8d76ae0d6b37732f0fa7ef10b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:47 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:46 GMT
server
nginx
location
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_110554&url=http%3A%2F%2Fzdorovia.com.ua%2F
access-control-max-age
86400
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
publishertag.js
static.criteo.net/js/ld/ 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-1dc01"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 May 2022 04:49:47 GMT
/
onetag-sys.com/usync/ Frame B8D4 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59d216e971852f2
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=345152308712262.1&cpv=6ee9cc20-4849-f187-e4dd-df842a12e90d&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22397ad5ef-5efe-ac9b-211f-aa8d0f9d4ee0%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222c71c605-d41d-a5ef-9d08-58cafb4bcb64%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%2C%7B%22id%22%3A%22418d604f-9c70-1e4d-4dc1-4d20f8f3ce52%22%2C%22tagid%22%3A%22211243eb-11ba-464c-a0c6-ba847f55b0ad%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_211243eb11ba464ca0c6ba847f55b0ad_zone_13175_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A2%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
55453de97a118ce9
ads.us.e-planning.net/uspd/1/ Frame FCBB
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=345152308712262.1&cpv=6ee9cc20-4849-f187-e4dd-df842a12e90d&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22397ad5ef-5efe-ac9b-211f-aa8d0f9d4ee0%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222c71c605-d41d-a5ef-9d08-58cafb4bcb64%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%2C%7B%22id%22%3A%22418d604f-9c70-1e4d-4dc1-4d20f8f3ce52%22%2C%22tagid%22%3A%22211243eb-11ba-464c-a0c6-ba847f55b0ad%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_211243eb11ba464ca0c6ba847f55b0ad_zone_13175_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A2%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
cfa94fb21ab7162bdb39d58a809cd0c475aa21fb87384e82c94076e3de7c8b5d

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Mon, 16 May 2022 04:49:46 GMT
expires
Mon, 16 May 2022 04:49:46 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-603

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Mon, 16 May 2022 04:49:46 GMT
location
/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-603
cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=6deaa01ea694467c91fb456d0d463654&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=6deaa01ea694467c91fb456d0d463654&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=admixer&bsw_user_id=43a463dd-7420-4b16-b08f-8612740af562
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admixer&bsw_user_id=43a463dd-7420-4b16-b08f-8612740af562
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=0d1d89df-1b6e-4182-8ccb-d1e0a5838ade&ssp=admixer
  • https://inv-nets.admixer.net/bs/cm.aspx?id=43a463dd-7420-4b16-b08f-8612740af562&gdpr=&consent=&gdpr_pd=
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/bs/cm.aspx?id=43a463dd-7420-4b16-b08f-8612740af562&gdpr=&consent=&gdpr_pd=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:48 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

Location
//inv-nets.admixer.net/bs/cm.aspx?id=43a463dd-7420-4b16-b08f-8612740af562&gdpr=&consent=&gdpr_pd=
Date
Mon, 16 May 2022 04:49:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync.html
s.console.adtarget.com.tr/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=517350
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.36 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
cc86365-05.cc.colocall.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
1px-matching-admixer.gif
m.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-admixer.gif?id=6deaa01ea694467c91fb456d0d463654
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:46 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
sfaf25.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/sfaf25.gif?puid=6deaa01ea694467c91fb456d0d463654
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:47 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
pic.gif
pa.tns-ua.com/bug/
Redirect Chain
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=6deaa01ea694467c91fb456d0d463654
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZE35EAFBCF01481CBD0CEAA00EDBB92B&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=6deaa01ea694467c91fb456d0d463654
56 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZE35EAFBCF01481CBD0CEAA00EDBB92B&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=6deaa01ea694467c91fb456d0d463654
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.13.0
content-type
image/gif
expires
-1

Redirect headers

location
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZE35EAFBCF01481CBD0CEAA00EDBB92B&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=6deaa01ea694467c91fb456d0d463654
date
Mon, 16 May 2022 04:49:47 GMT
cache-control
no-cache
server
nginx/1.13.0
content-length
0
expires
-1
idsync
idsync.admixer.co.kr/ 		43 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.admixer.co.kr:4450/idsync?pid=103&uid=6deaa01ea694467c91fb456d0d463654
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.110.238.136 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16-May-2022 13:49:47 +0900
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control
private, max-age=0, no-cache, no-store
Connection
close
Content-Type
image/gif;
Content-Length
43
Expires
Mon, 01 Jan 2000 00:00:00 +0900
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=15a7c0d5-d557-5288-97b1-c8b0f5301f5b
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=15a7c0d5-d557-5288-97b1-c8b0f5301f5b
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:47 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=15a7c0d5-d557-5288-97b1-c8b0f5301f5b
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
pixelSync
pixel.sitescout.com/dmp/ Frame FCBB 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D269f09d876621f44
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:46 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
prebid
rtb.openx.net/sync/ Frame FCBB 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D269f09d876621f44%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:46 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
1vevg2rtl79qeitvkjtle1t7dt90og4s
ptag
a.audrte.com/ Frame FCBB 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.149.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-149-243.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
c62bc6a1f6c81f1c352072a264e959b0fdccacf9843b5a818b62dbe7128476f5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:47 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1683
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame FCBB 		266 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:46 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 15 May 2027 04:49:46 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame FCBB
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D269f09d876621f44
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Mon, 16 May 2022 04:49:47 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame FCBB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D269f09d876621f44%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu-ams02.e-planning.net%252Fum%253Fdc%253D8103fa85295fbe60%2526fi%253D269f09d876621f44%2526uid%253D%2524UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=269f09d876621f44&uid=4344810612192819393
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=269f09d876621f44&uid=4344810612192819393
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:47 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e3da5aaa-0c90-4864-8e0b-502498b2979d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=269f09d876621f44&uid=4344810612192819393
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame A417
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 16 May 2022 04:49:47 GMT
etag
"402b2-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 16 May 2022 04:49:46 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1020 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.147.28 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-147-28.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=141629
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 16 May 2022 04:49:47 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 17 May 2022 20:10:16 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 98B7 		1 KB
988 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
46
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Mon, 16 May 2022 04:49:47 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 10 Jan 2027 17:30:12 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
58.812
x-cf-tsc
1641922259
x-cf1
29080:dC.waw1:co:1585621119:cacheN.waw1-01:D
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame E9E7 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame F155 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae772b33c3c7f09550c4bafa8ee21580a90882ca998cbdbf9844a8b1ebf3f8f9

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
70c17d1cdd200211-ZRH
content-encoding
br
content-type
text/html
date
Mon, 16 May 2022 04:49:47 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
zdorovia.com.ua_160x600_br.html
file.adpartner.pro/2297/2297845/ Frame F43F 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_2156640030855472&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2Fbca0a493-1a2c-4e8f-8b0a-59f644495689%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D486e82fc55875f6ef7eba2b7e6177931
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.423
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
9209e7afb1726d2ea4ca89aac5410756fb80fc2318bd233ffa48a9ef9921fb97

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Mon, 16 May 2022 04:49:46 GMT
etag
W/"61aa01af-d21"
last-modified
Fri, 03 Dec 2021 11:38:23 GMT
server
nginx
loader2.js
scripts.go2net.com.ua/scripts3/ Frame 4038 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4d2ef2d592f177d6008f995b944cda8c3111800e828e3aedb3919d22ce2e4755

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Mon, 16 May 2022 04:49:47 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 11:57:48 GMT
server
nginx
etag
W/"626a813c-2c101"
x-cached-since
2022-05-14T15:26:20+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Fri, 06 May 2022 15:35:57 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 4217 		158 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db6d0497d19aa23a7ae2832cf6672c4a10ab3ba26eadfe4e36cf2b4574d5ad31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56121
x-xss-protection
0
server
cafe
etag
8339889323916943927
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 16 May 2022 04:49:47 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 5E07 		158 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
047a93d22cde8811b3a4b171bb1dc74fdcd45474ccf2411b362e8a65c2e2c8a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56124
x-xss-protection
0
server
cafe
etag
16224599155248383369
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 16 May 2022 04:49:47 GMT
media
a4p.adpartner.pro/ Frame 35D4
Redirect Chain
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
e77074927673ee280742cc1fe5b0dcc1573c46a62cba02241540e3c9306ead1f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8

Redirect headers

Location
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Date
Mon, 16 May 2022 04:49:47 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
162
Content-Type
text/html
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=6deaa01ea694467c91fb456d0d463654&cet=4&zone=93AE9D99-966B-415B-9964-9DC2489DA01F&rule=F3EF79B2-6D00-49A9-BD57-2DD742B532C5&requestId=145ed9e5-9433-4e0f-a109-8be0ab078bf3&hp=1048539382&page=zdorovia.com.ua%2F&pvid=194e644c-b03f-41b5-ac69-0d29e3fe65f4&inst=ADS-EU-6&ts=637882733866357320&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:47 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=6deaa01ea694467c91fb456d0d463654&cet=4&zone=CDADFE55-BA49-47D5-9918-CC04AA357B98&rule=F7CAC5CE-3E5F-4671-95C3-F259A87AC033&requestId=1e6617f3-c4a4-480b-aae1-e830f0807e27&hp=1048539382&page=zdorovia.com.ua%2F&pvid=194e644c-b03f-41b5-ac69-0d29e3fe65f4&inst=ADS-EU-6&ts=637882733866357320&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:47 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=6deaa01ea694467c91fb456d0d463654&cet=4&zone=2D179F8A-367F-49ED-9A1F-D77DEB57F009&rule=D1C84BF2-B360-43A6-B9BA-D08AD0CF3C93&requestId=47a5c9d9-5533-4fe9-946d-19963bc31b2e&hp=1048539382&page=zdorovia.com.ua%2F&pvid=194e644c-b03f-41b5-ac69-0d29e3fe65f4&inst=ADS-EU-6&ts=637882733866357320&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:47 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
ads.go2net.com.ua/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=6deaa01ea694467c91fb456d0d463654&cet=4&zone=ED2476D6-DC6A-46B4-B1F9-1613392C7015&rule=8CE3A43A-8167-46D4-BBE3-364D0CBC2653&requestId=343835de-fbd7-4fb2-b63a-3a4a60870f8e&hp=1048539382&page=zdorovia.com.ua%2F&pvid=099f7f3d-b4bf-4d7e-bd1e-4bbe3e1d6c85&inst=ADS-EU-6&ts=637882733866357320&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:47 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
if
a4p.adpartner.pro/tracker/ Frame ADE1 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522994efe04-d65e-470d-805e-cbccac7770d7%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%2522bca0a493-1a2c-4e8f-8b0a-59f644495689%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522bca0a493-1a2c-4e8f-8b0a-59f644495689%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Mon, 16 May 2022 04:49:47 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 2AF8 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522994efe04-d65e-470d-805e-cbccac7770d7%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%2522bca0a493-1a2c-4e8f-8b0a-59f644495689%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522bca0a493-1a2c-4e8f-8b0a-59f644495689%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Mon, 16 May 2022 04:49:47 GMT
expires
0
pragma
no-cache
server
nginx
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame F43F 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_2156640030855472&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2Fbca0a493-1a2c-4e8f-8b0a-59f644495689%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D486e82fc55875f6ef7eba2b7e6177931
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a3e403bda6464ec955bea8a50a533c4531751f6769fdc2b46b9e838fef46920
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39598
x-xss-protection
0
server
cafe
etag
8898462750559381809
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 16 May 2022 04:49:47 GMT
getuid
ib.adnxs.com/ Frame F155 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame F155 		170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame F155
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=78502984-e40b-4c8b-bf25-8df5f64abece&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4...
95 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=78502984-e40b-4c8b-bf25-8df5f64abece&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
70c17d1f6fa70211-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=78502984-e40b-4c8b-bf25-8df5f64abece&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
date
Mon, 16 May 2022 04:49:47 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame F155 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:47 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame F155 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2c63042-dfd9-4aab-694e-7d71b699d6b5%26reqId%3Dfa7a6c82-85a4-46b4-4841-4689e7df0afe%26zdid%3D1361&gdpr=0&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame F155 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
17
date
Mon, 16 May 2022 04:49:47 GMT
via
1.1 varnish
server
nginx
x-timer
S1652676587.339141,VS0,VE17
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-mxp6963-MXP
u
dmp.v.fwmrm.net/ad/ Frame F155 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f602:96e:5500:bf36:df5c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:47 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
mw
mwzeom.zeotap.com/ Frame F155
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
70c17d2129160211-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
date
Mon, 16 May 2022 04:49:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame F155
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=85266d42-bcbc-4dc9-a673-ad4ca28d15a6&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=85266d42-bcbc-4dc9-a673-ad4ca28d15a6&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
70c17d2058630211-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:47 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=85266d42-bcbc-4dc9-a673-ad4ca28d15a6&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame F155
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=a2c63042-dfd9-4aab-694e-7d71b699d6b5&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=a2c63042-dfd9-4aab-694e-7d71b699d6b5&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=58190441442167557482990353383370800544&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=58190441442167557482990353383370800544&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
70c17d2058650211-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v031-01966ef16.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
w9oUR6iqRsg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=58190441442167557482990353383370800544&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame F155 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame F155
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7098191892038285455&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7098191892038285455&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
70c17d2058660211-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7098191892038285455&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Date
Mon, 16 May 2022 04:49:47 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame F155 		95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=a2c63042-dfd9-4aab-694e-7d71b699d6b5
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame F155
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a2c63042-dfd9-4aab-694e-7d71b699d6b5&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a2c63042-dfd9-4aab-694e-7d71b699d6b5&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=TCYYRx1RpDpmIv1KU0wJRu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=TCYYRx1RpDpmIv1KU0wJRu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
70c17d2139210211-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:46 GMT
via
1.1 google
last-modified
Mon, 16 May 2022 04:49:47 GMT
server
Weborama Collect Frontend
location
https://mwzeom.zeotap.com/mw?webouuid=TCYYRx1RpDpmIv1KU0wJRu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
mw
mwzeom.zeotap.com/ Frame F155
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%...
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e...
  • https://mwzeom.zeotap.com/mw?cid=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
70c17d20e8dc0211-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=
pragma
no-cache
date
Mon, 16 May 2022 04:49:46 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
mw
mwzeom.zeotap.com/ Frame F155
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=a2c63042-dfd9-4aab-694e-7d71b699d6b5?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=a2c63042-dfd9-4aab-694e-7d71b699d6b5?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
70c17d2109000211-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:47 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
expires
0
cache-control
no-cache
x-server
10.45.7.135
content-length
0
x-consent
absent
mw
mwzeom.zeotap.com/ Frame F155
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-qH1d9FBE2op01s20WxHL0rTw148eNMcKdg--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-qH1d9FBE2op01s20WxHL0rTw148eNMcKdg--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
70c17d20787a0211-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

date
Mon, 16 May 2022 04:49:47 GMT
via
http/1.1 spdc0103.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-qH1d9FBE2op01s20WxHL0rTw148eNMcKdg--~A&zpartnerid=570&env=mWeb
content-length
0
mw
mwzeom.zeotap.com/ Frame F155
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=VRZLMa%2FBDW%2FM3KKx5GrGk5OUZ7wmxT2r%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=VRZLMa%2FBDW%2FM3KKx5GrGk5OUZ7wmxT2r%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
70c17d21190d0211-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:47 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=VRZLMa%2FBDW%2FM3KKx5GrGk5OUZ7wmxT2r%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame F155 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=a2c63042-dfd9-4aab-694e-7d71b699d6b5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:47 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame F155 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.96.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-96-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
cache-control
private, no-cache, no-store
x-request-time
D=40 t=1652676587
x-served-by
beacon-n005-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame F155 		95 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=a2c63042-dfd9-4aab-694e-7d71b699d6b5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame F155
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YoHX6wABp-nfHwAj&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-468...
95 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YoHX6wABp-nfHwAj&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361&_test=YoHX6wABp-nfHwAj
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
70c17d232b090211-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:47 GMT
via
1.1 varnish
server
Varnish
x-timer
S1652676588.959546,VS0,VE0
x-served-by
cache-lcy19248-LCY
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YoHX6wABp-nfHwAj&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361&_test=YoHX6wABp-nfHwAj
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
v1
engine.widespace.com/map/ext/api/trackingcallback/ Frame F155 		0
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-112.dus51.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
sGag83_89owfTjzBEndKWqzF3v-DM8yKJC-m9HtObsvz9H6Dtg3ZbQ==
x-cache
Miss from cloudfront
usermatch.gif
beacon.krxd.net/ Frame F155
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
34.248.96.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-96-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
cache-control
private, no-cache, no-store
x-request-time
D=41 t=1652676588
x-served-by
beacon-n024-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
date
Mon, 16 May 2022 04:49:48 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a011-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame F155
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a2c63042-dfd9-4aab-694e-7d71b699d6b5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a2c63042-dfd9-4aab-694e-7d71b699d6b5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a2c63042-dfd9-4aab-694e-7d71b699d6b5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
MHSCYFTV8P86BM11W8WW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
RDR6ASJAR30XD8DZ9MVD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a2c63042-dfd9-4aab-694e-7d71b699d6b5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame F155 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=a2c63042-dfd9-4aab-694e-7d71b699d6b5&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:48 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame F155
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2c63...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
70c17d224a2f0211-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
date
Mon, 16 May 2022 04:49:47 GMT
cross-origin-resource-policy
cross-origin
content-length
0
usync.js
eus.rubiconproject.com/ Frame A417 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
content-encoding
gzip
last-modified
Thu, 05 May 2022 20:46:54 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=24118
content-type
text/html; charset=UTF-8
content-length
9496
expires
Mon, 16 May 2022 11:31:45 GMT
/
onetag-sys.com/usync/ Frame 73AC 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
d
ic.tynt.com/r/ Frame FBB1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Mon, 16 May 2022 04:49:47 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
sync.html
s.console.adtarget.com.tr/ Frame 1754 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=748067
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.36 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
cc86365-05.cc.colocall.com
Software
Adtelligent /
Resource Hash
97347f37f21d141b84ff3a9e3f659fc1bbfe3bc66104c4efea4bd49a61423c26

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
797
Content-Type
text/html; charset=UTF-8
Date
Mon, 16 May 2022 04:49:46 GMT
Server
Adtelligent
X-Robots-Tag
noindex
csync
sync.adtelligent.com/ Frame 1076
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=c6bafb1f-6ba7-4d43-9af3-13d6ddfda193
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=c6bafb1f-6ba7-4d43-9af3-13d6ddfda193
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Mon, 16 May 2022 04:49:47 GMT
Etag
1d5ae89843810fa6
Server
VertaMedia 1.0

Redirect headers

content-length
0
date
Mon, 16 May 2022 04:49:47 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=c6bafb1f-6ba7-4d43-9af3-13d6ddfda193
server
_
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C5FA 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.147.28 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-147-28.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=141629
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 16 May 2022 04:49:47 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 17 May 2022 20:10:16 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
/
ads.us.e-planning.net/uspd/1/ Frame 911B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
cab35dfcb0e0127899b61cfb6df53325a6b63bbd3aec99d7ed68fdfe26b750c3

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Mon, 16 May 2022 04:49:47 GMT
expires
Mon, 16 May 2022 04:49:47 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-603
sync.html
s.adtelligent.com/ Frame 3E44 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:572:0:ec4:7aff:fecf:c440 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
cc5bf93fdd985bb9a478acbb44d27662d0db8df9db04cdcb5e09db5a4c70d1e5

Request headers

Referer
https://s.adtelligent.com/sync.html?aid=707176
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
951
Content-Type
text/html; charset=UTF-8
Date
Mon, 16 May 2022 04:49:46 GMT
Server
Adtelligent
X-Robots-Tag
noindex
csync
sync.adtelligent.com/ Frame E109
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=0f76f5df-ad5f-46e1-905b-5dfbe1e5cfbd
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=0f76f5df-ad5f-46e1-905b-5dfbe1e5cfbd
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:47 GMT
Server
VertaMedia 1.0
Etag
1d5ae89843810fa6
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=0f76f5df-ad5f-46e1-905b-5dfbe1e5cfbd
date
Mon, 16 May 2022 04:49:47 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
csync
sync.adtelligent.com/ Frame E109
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=9201dab5-98f6-4793-bc3a-68fbaa8dc6b7
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=9201dab5-98f6-4793-bc3a-68fbaa8dc6b7
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:47 GMT
Server
VertaMedia 1.0
Etag
1d5ae89843810fa6
Content-Length
0

Redirect headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:46 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=9201dab5-98f6-4793-bc3a-68fbaa8dc6b7
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
47bs7g7sco53t44f9pnhn741h43gjl9k
pixel
ap.lijit.com/ Frame E109 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 May 2022 04:49:47 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/ Frame E109
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4344810612192819393
0
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4344810612192819393
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:47 GMT
Server
VertaMedia 1.0
Etag
1d5ae89843810fa6
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:47 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2af4725c-748c-4a5b-bf3d-b0ffbcf07932
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4344810612192819393
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame E109
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=994efe04-d65e-470d-805e-cbccac7770d7
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=994efe04-d65e-470d-805e-cbccac7770d7
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:47 GMT
Server
VertaMedia 1.0
Etag
1d5ae89843810fa6
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=994efe04-d65e-470d-805e-cbccac7770d7
date
Mon, 16 May 2022 04:49:47 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
csync
sync.adtelligent.com/ Frame E109
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=6deaa01ea694467c91fb456d0d463654
0
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=6deaa01ea694467c91fb456d0d463654
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:47 GMT
Server
VertaMedia 1.0
Etag
1d5ae89843810fa6
Content-Length
0

Redirect headers

Date
Mon, 16 May 2022 04:49:47 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=6deaa01ea694467c91fb456d0d463654
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 1020 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=30308863&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b730cad1e622883f4d15bd86803a3907d06b79d0cbfa7222ba98e2011c64d365

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:46 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cdb
bidder.criteo.com/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=123&profileId=184&cb=46260764012
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
server
Finatra
vary
Origin
access-control-allow-origin
http://zdorovia.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
cdb
bidder.criteo.com/ 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=123&profileId=184&cb=48195338456
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 16 May 2022 04:49:46 GMT
server
Finatra
vary
Origin
access-control-allow-origin
http://zdorovia.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
cdb
bidder.criteo.com/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=123&profileId=184&cb=11553160209
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 16 May 2022 04:49:46 GMT
server
Finatra
vary
Origin
access-control-allow-origin
http://zdorovia.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
ev_prebid.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=6deaa01ea694467c91fb456d0d463654&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&device=28&rule=323CA158-54EA-47F4-83D3-BA5C22D4CCE1&requestId=d213eba3-e9e1-4799-b018-39f8bb631965&hp=1048539382&page=zdorovia.com.ua%2F&segments=5%2C495%2C2&ts=637882733866357320&ap=MA%3D%3D&asign=-947060090&sync=3%2C80%2C88&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=E4391929-8523-47EC-9B3C-357AB8574452&inst=ADS-EU-6&pxl=0&pvid=099f7f3d-b4bf-4d7e-bd1e-4bbe3e1d6c85&ip=217.138.196.105&item=F34E2A12-1873-45CF-A327-13F884B02F8C&crid=F34E2A12-1873-45CF-A327-13F884B02F8C&size=240x350&profile=4C02EB63-7790-4196-82B4-5362F7AB3A87&isopt=0&adv=N%2FA&dsp=Adform&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 May 2022 04:49:47 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
khaos.jpg
token.rubiconproject.com/ Frame A417 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/jpg
pixelSync
pixel.sitescout.com/dmp/ Frame 911B 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Dc34d5ca477eefed6
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:46 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
prebid
rtb.openx.net/sync/ Frame 911B 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Dc34d5ca477eefed6%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:46 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
nif6a66tu29frm6in8i41p2a5q1s9trp
ptag
a.audrte.com/ Frame 911B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.149.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-149-243.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
c62bc6a1f6c81f1c352072a264e959b0fdccacf9843b5a818b62dbe7128476f5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:47 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1683
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 911B 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 15 May 2027 04:49:47 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 911B
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Dc34d5ca477eefed6
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Mon, 16 May 2022 04:49:47 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 911B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dc34d5ca477eefed6%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=c34d5ca477eefed6&uid=4344810612192819393
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=c34d5ca477eefed6&uid=4344810612192819393
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:47 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d88ff59e-df5d-438d-8876-69fa9a19920d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=c34d5ca477eefed6&uid=4344810612192819393
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c.html
cdn.admixer.net/scripts3/45890/ Frame 7F81 		738 B
419 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/45890/c.html?b=45890
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Mon, 16 May 2022 04:49:47 GMT
etag
W/"626a814d-2e2"
expires
Sat, 06 May 2023 21:00:10 GMT
last-modified
Thu, 28 Apr 2022 11:58:05 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-05T21:00:10+00:00
x-id
fr5-up-gc38
loader2.js
scripts.go2net.com.ua/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1bad7fa0d48ce03296d646f87a1e3355336fe122165039d769119b0189db4014

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Mon, 16 May 2022 04:49:47 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 11:57:48 GMT
server
nginx
etag
W/"626a813c-2c101"
x-cached-since
2022-05-14T15:26:20+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Fri, 06 May 2022 15:35:57 GMT
usync.html
eus.rubiconproject.com/ Frame 7853
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 16 May 2022 04:49:47 GMT
etag
"402b2-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 16 May 2022 04:49:47 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2867 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc34d5ca477eefed6%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.147.28 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-147-28.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=141629
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 16 May 2022 04:49:47 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 17 May 2022 20:10:16 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 6C57 		1 KB
988 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
46
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Mon, 16 May 2022 04:49:47 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 10 Jan 2027 17:30:12 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
58.812
x-cf-tsc
1641922259
x-cf1
29080:dC.waw1:co:1585621119:cacheN.waw1-01:D
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame 0647 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame F207 		322 B
679 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb1aae9297730534cfb42db742a24c9ba18e1ad1cc5275037d0f1d5386d1f7d0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
70c17d1ebef50211-ZRH
content-encoding
br
content-type
text/html
date
Mon, 16 May 2022 04:49:47 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
dsp.aspx
ads.go2net.com.ua/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=3864057591779080&cpv=6ee9cc20-4849-f187-e4dd-df842a12e90d&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22d414c02c-0d75-8589-1147-8990a0890979%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22061fdb6f-2620-2501-d02a-d3e0c3927a6b%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
f3fd7fddbd3e2d6874066aeafb2dfae937924a6bc39a8c3d80d993dcd290e0d2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:47 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
1751
X-Xss-Protection
0
usync.html
eus.rubiconproject.com/ Frame 80A7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 16 May 2022 04:49:47 GMT
etag
"402b2-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 16 May 2022 04:49:47 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184-d
server
AkamaiGHost
csync
sync.spotim.market/ Frame C37B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=4344810612192819393
0
386 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=323548&extuid=4344810612192819393
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Mon, 16 May 2022 04:49:47 GMT
Etag
1d5ae89843810fa6
Server
VertaMedia 1.0

Redirect headers

AN-X-Request-Uuid
40a1bc72-0a85-4540-99d1-a9bbf61a8d0a
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 16 May 2022 04:49:47 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.spotim.market/csync?t=a&ep=323548&extuid=4344810612192819393
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0C06 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.147.28 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-147-28.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=141629
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 16 May 2022 04:49:47 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 17 May 2022 20:10:16 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
csync
sync.spotim.market/ Frame 3E44
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=
43 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=482928&extuid=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:47 GMT
Server
VertaMedia 1.0
Etag
1d5ae89843810fa6
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:46 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.spotim.market/csync?t=a&ep=482928&extuid=
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
grchp5lf3rji7f8vkdnnfiaqj0l47k19
csync
sync.spotim.market/ Frame 3E44
Redirect Chain
  • https://b1h-apac1.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D509691%26extuid%3D__ZUID__%20
  • https://sync.spotim.market/csync?t=a&ep=509691&extuid=&gdpr=0
43 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=509691&extuid=&gdpr=0
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:47 GMT
Server
VertaMedia 1.0
Etag
1d5ae89843810fa6
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:47 GMT
Content-Type
text/html; charset=utf-8
Location
https://sync.spotim.market/csync?t=a&ep=509691&extuid=&gdpr=0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
96
Expires
Thu, 01 Dec 1994 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 3E44
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YoHX6pnKchycMLvXJupRmwAA%26648
0
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YoHX6pnKchycMLvXJupRmwAA%26648
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:47 GMT
Server
VertaMedia 1.0
Etag
1d5ae89843810fa6
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YoHX6pnKchycMLvXJupRmwAA%26648
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
278
Expires
Mon, 16 May 2022 04:49:47 GMT
csync
sync.adtelligent.com/ Frame 3E44 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:47 GMT
Server
VertaMedia 1.0
Etag
1d5ae89843810fa6
Content-Length
43
Content-Type
image/gif
events
bidder.criteo.com/csm/ 		0
215 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 16 May 2022 04:49:46 GMT
server
Finatra
vary
Origin
access-control-allow-origin
http://zdorovia.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 11 May 2023 04:49:47 GMT
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 11 May 2023 04:49:47 GMT
ev_prebid.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=6deaa01ea694467c91fb456d0d463654&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&device=28&rule=323CA158-54EA-47F4-83D3-BA5C22D4CCE1&requestId=d213eba3-e9e1-4799-b018-39f8bb631965&hp=1048539382&page=zdorovia.com.ua%2F&segments=5%2C495%2C2&ts=637882733866357320&ap=MA%3D%3D&asign=-947060090&sync=3%2C80%2C88&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=E4391929-8523-47EC-9B3C-357AB8574452&inst=ADS-EU-6&pxl=0&pvid=099f7f3d-b4bf-4d7e-bd1e-4bbe3e1d6c85&ip=217.138.196.105&item=B980198E-7D27-4345-9615-F31943C77F0C&crid=B980198E-7D27-4345-9615-F31943C77F0C&size=240x400&profile=346392F6-218B-4A4F-8151-E8B46F15EB2A&isopt=0&adv=Criteo+RU&dsp=Criteo+DE&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 May 2022 04:49:47 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
events
bidder.criteo.com/csm/ 		0
215 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 16 May 2022 04:49:46 GMT
server
Finatra
vary
Origin
access-control-allow-origin
http://zdorovia.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
ev_prebid.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=6deaa01ea694467c91fb456d0d463654&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&device=28&rule=323CA158-54EA-47F4-83D3-BA5C22D4CCE1&requestId=d213eba3-e9e1-4799-b018-39f8bb631965&hp=1048539382&page=zdorovia.com.ua%2F&segments=5%2C495%2C2&ts=637882733866357320&ap=MA%3D%3D&asign=-947060090&sync=3%2C80%2C88&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=E4391929-8523-47EC-9B3C-357AB8574452&inst=ADS-EU-6&pxl=0&pvid=099f7f3d-b4bf-4d7e-bd1e-4bbe3e1d6c85&ip=217.138.196.105&item=2AC304DB-8C70-47D9-86D2-B88FCF329D87&crid=2AC304DB-8C70-47D9-86D2-B88FCF329D87&size=300x250&profile=31B0C9C2-24E5-4F12-A50D-F039082E0855&isopt=0&adv=Criteo+RU&dsp=Criteo+DE&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 May 2022 04:49:47 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame C5B7 		158 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e4da30586f1fabdc4aef38b03ccf8b7f07bbabd08095b4efb72dc5b2536da954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Mon, 16 May 2022 04:49:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
16023440125682313813
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
56119
X-XSS-Protection
0
Expires
Mon, 16 May 2022 04:49:47 GMT
events
bidder.criteo.com/csm/ 		0
215 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
server
Finatra
vary
Origin
access-control-allow-origin
http://zdorovia.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
ev_prebid.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=6deaa01ea694467c91fb456d0d463654&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&device=28&rule=323CA158-54EA-47F4-83D3-BA5C22D4CCE1&requestId=d213eba3-e9e1-4799-b018-39f8bb631965&hp=1048539382&page=zdorovia.com.ua%2F&segments=5%2C495%2C2&ts=637882733866357320&ap=MA%3D%3D&asign=-947060090&sync=3%2C80%2C88&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=E4391929-8523-47EC-9B3C-357AB8574452&inst=ADS-EU-6&pxl=0&pvid=099f7f3d-b4bf-4d7e-bd1e-4bbe3e1d6c85&ip=217.138.196.105&item=4AFBC992-727F-4939-8CA8-A11954B7F1F7&crid=4AFBC992-727F-4939-8CA8-A11954B7F1F7&size=300x600&profile=94EE5311-0516-4D72-8091-7984FDECE4E0&isopt=0&adv=Criteo+RU&dsp=Criteo+DE&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 May 2022 04:49:47 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_view.aspx
ads.go2net.com.ua/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=6deaa01ea694467c91fb456d0d463654&cet=4&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&rule=8031EB30-F8BC-4C42-B0CE-47540A4C2D9E&requestId=d213eba3-e9e1-4799-b018-39f8bb631965&hp=1048539382&page=zdorovia.com.ua%2F&pvid=099f7f3d-b4bf-4d7e-bd1e-4bbe3e1d6c85&inst=ADS-EU-6&ts=637882733866357320&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:47 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
cc.js
tags.crwdcntrl.net/c/15238/ Frame FCBB 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-90.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 02:02:05 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
10066
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
DDF81nS6oNUnTnA0PaXiDxNhKQVMcodzuy4EO83CArB9JecFiMcTrg==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame FD8A 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Mon, 16 May 2022 04:49:47 GMT
etag
W/"601b131c-27c"
expires
Sat, 15 May 2027 04:49:47 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame A0C3 		49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D269f09d876621f44%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Mon, 16 May 2022 04:49:48 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
Abk73BBWPCCh
x-77-nzt-ray
t5rhQIFE1JU
x-77-pop
frankfurtDE
x-accel-expires
@1653713388
x-cache
MISS
adxcm.aspx
inv-nets.admixer.net/ Frame 95B5 		43 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AMYyWws39%2fHFeX7f
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 16 May 2022 04:49:47 GMT
Keep-Alive
timeout=25
P3p
CP="NID DSP ALL COR"
Server
nginx
X-Xss-Protection
0
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/ Frame F43F 		309 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6357157020881797&plah=file.adpartner.pro&bust=31067585
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
82b43040409e057bca1bae4ae9d39a73b1fa43fbbd5f907f05142c27bda89e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112750
x-xss-protection
0
server
cafe
etag
12232138576755484065
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 16 May 2022 04:49:47 GMT
mw
mwzeom.zeotap.com/ Frame F207
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2c63...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=35729483-939f-415c-5d79-a5304834252e&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=35729483-939f-415c-5d79-a5304834252e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
70c17d2098950211-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=35729483-939f-415c-5d79-a5304834252e&zdid=1361
date
Mon, 16 May 2022 04:49:47 GMT
cross-origin-resource-policy
cross-origin
content-length
0
usync.js
eus.rubiconproject.com/ Frame 7853 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
content-encoding
gzip
last-modified
Thu, 05 May 2022 20:46:54 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=24118
content-type
text/html; charset=UTF-8
content-length
9496
expires
Mon, 16 May 2022 11:31:45 GMT
usync.js
eus.rubiconproject.com/ Frame 80A7 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
content-encoding
gzip
last-modified
Thu, 05 May 2022 20:46:54 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=24118
content-type
text/html; charset=UTF-8
content-length
9496
expires
Mon, 16 May 2022 11:31:45 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/ Frame 4217 		308 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb456fc6973f7f43835192e0502b08aa19971ea6631c8d8ac37618b50770b3a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112597
x-xss-protection
0
server
cafe
etag
18389845319223926763
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 16 May 2022 04:49:47 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220511/r20190131/ Frame 8121 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220511/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
38188
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4421
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 18:13:19 GMT
etag
1428802124239944296
expires
Sun, 29 May 2022 18:13:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
GS.d
js.cookieless-data.com/ Frame FD8A 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1652676587475
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.28.83 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-28-83.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:47 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/ Frame 5E07 		304 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be82debc01c1984ca157692269aa6cedb43f94057eaf57950cb300c0d54bb52a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111208
x-xss-protection
0
server
cafe
etag
1191603730897840274
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 16 May 2022 04:49:47 GMT
c.html
cdn.admixer.net/scripts3/45890/ Frame 5D9F 		738 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/45890/c.html?b=45890
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Mon, 16 May 2022 04:49:47 GMT
etag
W/"626a814d-2e2"
expires
Sat, 06 May 2023 21:00:10 GMT
last-modified
Thu, 28 Apr 2022 11:58:05 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-05T21:00:10+00:00
x-id
fr5-up-gc38
media.min.js
a4p.adpartner.pro/apstc/ Frame 35D4 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.423
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
cache-control
no-store no-transform
last-modified
Tue, 15 Mar 2022 16:47:24 GMT
server
nginx
content-encoding
br
etag
W/"6230c31c-3ac0"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame E122 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=2&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Mon, 16 May 2022 04:49:47 GMT
server
nginx
ls
a4p.adpartner.pro/media/ Frame 7889 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=994efe04-d65e-470d-805e-cbccac7770d7&session_pageview=2&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
953cdb0d7a2926fd3a92bec349cbfcc6a13d78e9f8c0a35042bab48fbdf7ea58

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 16 May 2022 04:49:47 GMT
server
nginx
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame A417 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
khaos.jpg
token.rubiconproject.com/ Frame 7853 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame 80A7 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/jpg
cc.js
tags.crwdcntrl.net/c/15238/ Frame 911B 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-90.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 02:02:05 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
10066
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
kBvgDTmvsX4YHAWN9c3MWNetbRTJCCzhSQXx4kAy4MfWVuMdKOlq-w==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 8922 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Mon, 16 May 2022 04:49:47 GMT
etag
W/"601b131c-27c"
expires
Sat, 15 May 2027 04:49:47 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame A4A8 		49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3Dc34d5ca477eefed6%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Mon, 16 May 2022 04:49:47 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
Abk73BBGhiih
x-77-nzt-ray
q1lqjSwmmQs
x-77-pop
frankfurtDE
x-accel-expires
@1653713387
x-cache
MISS
csync
sync.adtelligent.com/ Frame F0F1 		0
387 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AMYyWws39%2fHFeX7f
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Mon, 16 May 2022 04:49:47 GMT
Etag
e15eb233bff80b3b
Server
VertaMedia 1.0
csync
sync.console.adtarget.com.tr/ Frame A947
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=2SXOMgqSDrAZrWTYIox1&pi=admatic
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=2SXOMgqSDrAZrWTYIox1&pi=admatic
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=748067
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Mon, 16 May 2022 04:49:47 GMT
Etag
be9ac51343071db7
Server
VertaMedia 1.0

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 16 May 2022 04:49:47 GMT Mon, 16 May 2022 04:49:47 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=2SXOMgqSDrAZrWTYIox1&pi=admatic
pragma
no-cache
pbsync.html
js.adscale.de/ Frame D8C2 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=748067
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c82fab08e93db8934a27f5b26ddf48c8a013a92a21ea15b7fa8b675b0d866040

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
4237
cache-control
max-age=7200
content-encoding
br
content-type
text/html
date
Mon, 16 May 2022 03:39:10 GMT
etag
W/"9f4e83cc82a56a2a6e9851eeee2f9f34"
last-modified
Thu, 12 May 2022 14:50:05 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-amz-cf-id
hnxFVqpgOt9i_cIGh0zAMHsPZuZUsIkd1nNnrLXhjOT4j4DrnJirdw==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
9wso3d4bB4y5m0gulVE2cMj8uW2KJpg1
x-cache
Hit from cloudfront
csync
sync.console.adtarget.com.tr/ Frame F557
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=8624539296363438648
0
406 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=8624539296363438648
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=748067
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Mon, 16 May 2022 04:49:47 GMT
Etag
be9ac51343071db7
Server
VertaMedia 1.0

Redirect headers

content-length
0
content-type
text/plain
date
Mon, 16 May 2022 04:49:47 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=8624539296363438648
server
nginx
csync
sync.console.adtarget.com.tr/ Frame 72E4 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=748067
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Mon, 16 May 2022 04:49:47 GMT
Etag
be9ac51343071db7
Server
VertaMedia 1.0
csync
sync.console.adtarget.com.tr/ Frame CAEF 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=748067
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Mon, 16 May 2022 04:49:47 GMT
Etag
be9ac51343071db7
Server
VertaMedia 1.0
csync
sync.console.adtarget.com.tr/ Frame AB56 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=748067
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Mon, 16 May 2022 04:49:47 GMT
Etag
be9ac51343071db7
Server
VertaMedia 1.0
csync
sync.console.adtarget.com.tr/ Frame 1754 		43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?redir=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=748067
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:47 GMT
Server
VertaMedia 1.0
Etag
be9ac51343071db7
Content-Length
43
Content-Type
image/gif
media
a4p.adpartner.pro/ Frame BBDF
Redirect Chain
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
e77074927673ee280742cc1fe5b0dcc1573c46a62cba02241540e3c9306ead1f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8

Redirect headers

Location
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Date
Mon, 16 May 2022 04:49:47 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
162
Content-Type
text/html
pic.gif
pa.tns-ua.com/bug/ 		56 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=6deaa01ea694467c91fb456d0d463654
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.13.0
content-type
image/gif
expires
-1
cm-notify
creativecdn.com/ 		42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creativecdn.com/cm-notify?pi=admixer
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:47 GMT, Mon, 16 May 2022 04:49:47 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT
32f540592c6f5d89e450bc780e487e2a.gif
cs.mobfox.com/ 		42 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=6deaa01ea694467c91fb456d0d463654&redir=[RED]
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.206 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:47 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
/
onetag-sys.com/usync/ Frame FA36 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59d216e971852f2
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=3864057591779080&cpv=6ee9cc20-4849-f187-e4dd-df842a12e90d&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22d414c02c-0d75-8589-1147-8990a0890979%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22061fdb6f-2620-2501-d02a-d3e0c3927a6b%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
55453de97a118ce9
ads.us.e-planning.net/uspd/1/ Frame FD01 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=3864057591779080&cpv=6ee9cc20-4849-f187-e4dd-df842a12e90d&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22d414c02c-0d75-8589-1147-8990a0890979%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22061fdb6f-2620-2501-d02a-d3e0c3927a6b%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
c249b56ac7511cd1537e1834591081d1db83a4e102e11d4ecb08d7390442729b

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Mon, 16 May 2022 04:49:47 GMT
expires
Mon, 16 May 2022 04:49:47 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-603
ev_view.aspx
ads.go2net.com.ua/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=6deaa01ea694467c91fb456d0d463654&cet=4&zone=ED2476D6-DC6A-46B4-B1F9-1613392C7015&rule=8CE3A43A-8167-46D4-BBE3-364D0CBC2653&requestId=7c534b57-c55a-4adc-816a-e2abd8d6fbe0&hp=1048539382&page=zdorovia.com.ua%2F&pvid=099f7f3d-b4bf-4d7e-bd1e-4bbe3e1d6c85&inst=ADS-EU-6&ts=637882733875015302&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:47 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 May 2022 04:49:47 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sfaf25.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/sfaf25.gif?puid=6deaa01ea694467c91fb456d0d463654
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:47 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
match
c1.adform.net/serving/cookie/ Frame B675 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 16 May 2022 04:49:47 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 5260
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:feab6281-d7ec-4a00-aa6a-45a1ef2c8ea1&gdpr=0&gdpr_consent=
42 B
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:feab6281-d7ec-4a00-aa6a-45a1ef2c8ea1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 16 May 2022 04:49:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 16 May 2022 04:49:48 GMT
Expires
Mon, 16 May 2022 04:49:47 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4390 fb8620d master nrt-pixel-x21 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:feab6281-d7ec-4a00-aa6a-45a1ef2c8ea1&gdpr=0&gdpr_consent=
ImgSync
image8.pubmatic.com/AdServer/ Frame 3BA3
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1554987726123330793
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.35 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
0
date
Mon, 16 May 2022 04:49:48 GMT

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 16 May 2022 04:49:47 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
usersync.aspx
dis.criteo.com/dis/ Frame B575 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 04:49:47 GMT
expires
Mon, 16 May 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
351447
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
cs
cs.yellowblue.io/ Frame 23F1
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7098191892038285455
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11576&id=6deaa01ea694467c91fb456d0d463654
0
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.yellowblue.io/cs?aid=11576&id=6deaa01ea694467c91fb456d0d463654
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.157.213.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-213-43.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Mon, 16 May 2022 04:49:48 GMT

Redirect headers

content-length
100
content-type
text/html; charset=utf-8
date
Mon, 16 May 2022 04:49:47 GMT
location
https://cs.yellowblue.io/cs?aid=11576&id=6deaa01ea694467c91fb456d0d463654
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs.yellowblue.io/ Frame 72B0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YoHX6wABrEVSHgAo&gdpr=0&gdpr_consent=&_test=YoHX6wABrEVSHgAo
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11576&id=6deaa01ea694467c91fb456d0d463654
0
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.yellowblue.io/cs?aid=11576&id=6deaa01ea694467c91fb456d0d463654
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.157.213.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-213-43.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Mon, 16 May 2022 04:49:48 GMT

Redirect headers

content-length
100
content-type
text/html; charset=utf-8
date
Mon, 16 May 2022 04:49:46 GMT
location
https://cs.yellowblue.io/cs?aid=11576&id=6deaa01ea694467c91fb456d0d463654
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 800E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=idbKvXuaRzxiSGziTQlrMtmKxGk
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.35 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
0
date
Mon, 16 May 2022 04:49:46 GMT

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 16 May 2022 04:49:48 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
lhrpug002:0:443
adx
match.prod.bidr.io/cookie-sync/ Frame 1C74
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCWnRrN0ZBN0FBQUVXaHo3aGhRZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.216.37.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-216-37-155.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
43
Date
Mon, 16 May 2022 04:49:47 GMT
Server
nginx
cache-control
no-cache, must-revalidate
content-type
image/gif
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
355
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 04:49:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0635
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 16 May 2022 04:49:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 16 May 2022 04:49:47 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
server
_
bridge
cm.adgrx.com/ Frame C409 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 16 May 2022 04:49:47 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
ams-delivery-6
server
Cowboy
pub
matching.truffle.bid/sync/ Frame 7C94 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.54.172 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.172.54.161.5.clients.your-server.de
Software
nginx/1.21.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 16 May 2022 04:49:47 GMT
Server
nginx/1.21.4
Strict-Transport-Security
max-age=15768000
i.match
s.tribalfusion.com/z/ Frame DAA1
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
450 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
70c17d230baf01db-ZRH
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 16 May 2022 04:49:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
70c17d219a8b01db-ZRH
content-type
text/html
date
Mon, 16 May 2022 04:49:47 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
15595
cookiesync
core.iprom.net/ Frame CEC2 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 16 May 2022 04:49:47 GMT
Vary
Accept-Encoding
X-adserver-worker
leviathan-56676ad921cc@version_1.501v3
X-core-time
0ms
X-server-arch
v2
ImgSync
image8.pubmatic.com/AdServer/ Frame CAED
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=0803d8f2898b2608/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaSaYQSMXSRShXUaS
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.35 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
0
date
Mon, 16 May 2022 04:49:46 GMT

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 16 May 2022 04:49:48 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame C75D
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=9eecce3d-9882-4979-9567-12ddfa01473d-tuct97b5d6b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=9eecce3d-9882-4979-9567-12ddfa01473d-tuct97b5d6b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Mon, 16 May 2022 04:49:47 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-lcy19264-LCY
x-timer
S1652676588.817323,VS0,VE8

Redirect headers

accept-ranges
bytes
content-length
0
date
Mon, 16 May 2022 04:49:47 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=9eecce3d-9882-4979-9567-12ddfa01473d-tuct97b5d6b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6963-MXP
x-timer
S1652676588.679284,VS0,VE20
x-vcl-time-ms
20
generic
match.adsrvr.org/track/cmf/ Frame 1EC5
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1652676587754
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3384703968
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3384703968
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 16 May 2022 04:49:47 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 16 May 2022 04:49:47 GMT
etag
RXed778bc6bdb94dedaa4dbf78ee9ccce3003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3384703968
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
server
Tengine
um
u-ams02.e-planning.net/ Frame 80A1 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=269f09d876621f44&uid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Mon, 16 May 2022 04:49:47 GMT
server
openresty
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1020
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qKtskJmaT-O37_u-q_Kq1w%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Server
92.122.147.28 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-147-28.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=141629
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Tue, 17 May 2022 20:10:16 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 1020
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a9356281-d7ec-4400-bbc8-84d07d67853e
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a9356281-d7ec-4400-bbc8-84d07d67853e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 16 May 2022 04:49:48 GMT
Server
MT3 4390 fb8620d master nrt-pixel-x18 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a9356281-d7ec-4400-bbc8-84d07d67853e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 16 May 2022 04:49:47 GMT
generic
match.adsrvr.org/track/cmf/ Frame 1020
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 1020
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QThBQjZDOTAtOTk5QS00RkUzLUI3RUYtRkJCRUFCRjJBQUQ3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Server
104.36.113.35 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
content-length
0

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Mon, 16 May 2022 04:49:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 1020
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDLexWjta8F_pdVXpcUgzkk&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Server
104.36.113.35 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
content-length
0

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Mon, 16 May 2022 04:49:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pubmatic
um.simpli.fi/ Frame 1020 		43 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 15 May 2022 04:49:47 GMT
cs
cs.yellowblue.io/ Frame 1020
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8624539296363438648
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11576&id=6deaa01ea694467c91fb456d0d463654
0
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11576&id=6deaa01ea694467c91fb456d0d463654
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Server
54.157.213.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-213-43.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://ads.pubmatic.com/
date
Mon, 16 May 2022 04:49:48 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11576&id=6deaa01ea694467c91fb456d0d463654
date
Mon, 16 May 2022 04:49:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
100
content-type
text/html; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame 1020 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ImgSync
image8.pubmatic.com/AdServer/ Frame 1020
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4344810612192819393&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Server
104.36.113.35 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
content-length
0

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Sun, 15 May 2022 19:59:56 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 1020
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=WRx_twsZIuRCTXeyDkpqvlgYdb9CS3C3CU_OZZwx
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Server
104.36.113.35 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
content-length
0

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Mon, 16 May 2022 04:49:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1020 		43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:c13b:f765:4942:677a Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 1020
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Eyh2GkZE2uUyVCA6Aa03TBRv2D1B14Y-~A&gdpr=0&gdpr_consent=
0
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Eyh2GkZE2uUyVCA6Aa03TBRv2D1B14Y-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Eyh2GkZE2uUyVCA6Aa03TBRv2D1B14Y-~A&gdpr=0&gdpr_consent=
date
Mon, 16 May 2022 04:49:47 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 1020
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&ssp_uuid=43a463dd-7420-4b16-b08f-8612740af562
  • https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&ssp_uuid=43a463dd-7420-4b16-b08f-8612740af562
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=pubmatic&user_id=9243fe59-2884-45db-aabf-416254d432c0
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=43a463dd-7420-4b16-b08f-8612740af562&gdpr=&gdpr_consent=&gdpr_pd=
1 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=43a463dd-7420-4b16-b08f-8612740af562&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:49 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=43a463dd-7420-4b16-b08f-8612740af562&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 16 May 2022 04:49:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs.yellowblue.io/ Frame 1020
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:afbc047e-c000-47c9-b15b-740c22b29d03&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11576&id=6deaa01ea694467c91fb456d0d463654
0
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11576&id=6deaa01ea694467c91fb456d0d463654
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Server
54.157.213.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-213-43.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://ads.pubmatic.com/
date
Mon, 16 May 2022 04:49:48 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11576&id=6deaa01ea694467c91fb456d0d463654
date
Mon, 16 May 2022 04:49:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
100
content-type
text/html; charset=utf-8
cs
cs.yellowblue.io/ Frame 1020
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4563681998453056354&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11576&id=6deaa01ea694467c91fb456d0d463654
0
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11576&id=6deaa01ea694467c91fb456d0d463654
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Server
54.157.213.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-213-43.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://ads.pubmatic.com/
date
Mon, 16 May 2022 04:49:48 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11576&id=6deaa01ea694467c91fb456d0d463654
date
Mon, 16 May 2022 04:49:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
100
content-type
text/html; charset=utf-8
current
pubmatic-match.dotomi.com/match/bounce/ Frame 1020 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:47 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1020
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4344810612192819393
42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4344810612192819393
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:48 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
500ba5ea-376c-4ffc-8bc3-190f05f02625
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4344810612192819393
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 1020 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:47 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 80A7 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif
cookie.js
partner.googleadservices.com/gampad/ Frame 4217 		219 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=zdorovia.com.ua&callback=_gfp_s_&client=ca-pub-4577254435597104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
28b57208794bcde918cd024b86587f4afc151116c58a16309d667bc4eb59b750
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame 4217 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 May 2022 04:49:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4217 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 May 2022 04:49:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C118 		20 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f313e3fdd6a9d7b8807a75554708d5e9544b94e8d89bd0445d3ddbda6ca72c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
11227
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 04:49:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4217 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220511&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6cacd1d34792e933e99d66cae3212cad51f0f34f4b9dfe97884d5e539d685cb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 May 2022 04:49:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10273
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame F43F 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6357157020881797&plah=file.adpartner.pro&bust=31067585
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 May 2022 04:49:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F43F 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6357157020881797&plah=file.adpartner.pro&bust=31067585
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 May 2022 04:49:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E1EE 		57 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=600&slotname=adpartner_zdorovia.com.ua_160x600_br_1&adk=2150435033&adf=2429112158&pi=t.ma~as.adpartner_zdorovia._&w=160&lmt=1638531503&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2156640030855472%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fbca0a493-1a2c-4e8f-8b0a-59f644495689%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D486e82fc55875f6ef7eba2b7e6177931&wgl=1&dt=1652676587370&bpp=13&bdt=243&idt=419&shv=r20220511&mjsv=m202205120101&ptt=5&saldr=sa&correlator=1535374352917&frm=22&ife=1&pv=2&ga_vid=883222644.1652676588&ga_sid=1652676588&ga_hid=1411087344&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=476710922&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067585%2C31067419&oid=2&pvsid=2808109351545938&pem=84&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.x8z9yepno39q&fsb=1&xpc=hSQ3CGx1w3&p=https%3A//file.adpartner.pro&dtd=436
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6357157020881797&plah=file.adpartner.pro&bust=31067585
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1bbfb7472bb6143e22f0bd5d81e50ccd03981a6a254fc0926ae075b5de2be1f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
24412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 04:49:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixelSync
pixel.sitescout.com/dmp/ Frame FD01 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Dc34d5ca477eefed6
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:47 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
prebid
rtb.openx.net/sync/ Frame FD01 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Dc34d5ca477eefed6%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:46 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
i40gsmnv49l0to9010sg4bjuupa8691e
ptag
a.audrte.com/ Frame FD01 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.149.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-149-243.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
c62bc6a1f6c81f1c352072a264e959b0fdccacf9843b5a818b62dbe7128476f5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:47 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1683
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame FD01 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 15 May 2027 04:49:47 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame FD01
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Dc34d5ca477eefed6
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Mon, 16 May 2022 04:49:47 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame FD01
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dc34d5ca477eefed6%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=c34d5ca477eefed6&uid=4344810612192819393
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=c34d5ca477eefed6&uid=4344810612192819393
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:47 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5c4ca9dd-4e9f-4aac-87ff-7dbf78827432
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=c34d5ca477eefed6&uid=4344810612192819393
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 5E07 		219 B
271 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=zdorovia.com.ua&callback=_gfp_s_&client=ca-pub-4577254435597104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
762235323102edf25e0ebfbb06a585e86c808a5830b3f7c62173cc796e00210f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame 5E07 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 May 2022 04:49:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5E07 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 May 2022 04:49:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 892B 		18 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1652676587&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1652676587486&bpp=3&bdt=383&idt=332&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=600936410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531549%2C44761043%2C31067544&oid=2&pvsid=904108839873201&pem=550&tmod=454237783&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.rx77fngd0mf9&fsb=1&dtd=346
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87ec99b45eeab3f28e9e918a5248bbc8b3e14d0d726a34b35bc44ac69232725b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
9741
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 04:49:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5E07 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220511&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
649bf2fa6b9acd1dc49fd17d2a955a8cd7cbada26a3957e8410cb7a49062cab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 May 2022 04:49:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10616
x-xss-protection
0
GS.d
js.cookieless-data.com/ Frame 8922 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1652676587839
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.28.83 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-28-83.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:47 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1A61 		57 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=600&slotname=adpartner_zdorovia.com.ua_160x600_br_2&adk=4043599776&adf=1045958785&pi=t.ma~as.adpartner_zdorovia._&w=160&lmt=1638531503&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2156640030855472%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fbca0a493-1a2c-4e8f-8b0a-59f644495689%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D486e82fc55875f6ef7eba2b7e6177931&wgl=1&dt=1652676587405&bpp=3&bdt=278&idt=468&shv=r20220511&mjsv=m202205120101&ptt=5&saldr=sa&prev_slotnames=adpartner_zdorovia.com.ua_160x600_br_1&correlator=1535374352917&frm=22&ife=1&pv=1&ga_vid=883222644.1652676588&ga_sid=1652676588&ga_hid=1411087344&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=476710922&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067585%2C31067419&oid=2&pvsid=2808109351545938&pem=84&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.6i1u7n1h3s4w&fsb=1&xpc=2Q20IaPrbo&p=https%3A//file.adpartner.pro&dtd=476
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6357157020881797&plah=file.adpartner.pro&bust=31067585
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
774e73bd7ed225d5533e535bac610176dd168bb7bf5417ff3066e71d8f430b22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
24435
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 04:49:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205110101/ Frame C5B7 		308 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31067584
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
673ab1cd1a3fd4e4223496a8d665c2000951d1f7a310309200a3fb0dc390bd35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112654
x-xss-protection
0
server
cafe
etag
230421500080360983
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 16 May 2022 04:49:47 GMT
usync.html
eus.rubiconproject.com/ Frame 83C0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 16 May 2022 04:49:48 GMT
etag
"402b2-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 16 May 2022 04:49:47 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DFB4 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc34d5ca477eefed6%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.147.28 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-147-28.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=141629
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 16 May 2022 04:49:47 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 17 May 2022 20:10:16 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 55AF 		1 KB
988 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
46
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Mon, 16 May 2022 04:49:47 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 10 Jan 2027 17:30:12 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
58.812
x-cf-tsc
1641922259
x-cf1
29080:dC.waw1:co:1585621119:cacheN.waw1-01:D
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame 37FD 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 163E 		322 B
674 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8291e39ab10fb0447c378a69ba1ec69dd5c443a1249d1c6e2f4ef4ec53fef8ec

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
70c17d22caab0211-ZRH
content-encoding
br
content-type
text/html
date
Mon, 16 May 2022 04:49:47 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4217 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 16 May 2022 04:49:48 GMT
media
a4p.adpartner.pro/ Frame 7889 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?id=7434&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&session_pageview=2&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=994efe04-d65e-470d-805e-cbccac7770d7&session_pageview=2&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
d05fbc0f479ae73c70d5511147de55109d4f99a9c82c50f6f0e5b62fb1ee0537

Request headers

Referer
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=994efe04-d65e-470d-805e-cbccac7770d7&session_pageview=2&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
uu
ih.adscale.de/ Frame D8C2
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1652676587
  • https://ih.adscale.de/uu?cbfn=receive&t=1652676587&nut&uu=379404069fe0475bb5057bd64d385829
44 B
214 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1652676587&nut&uu=379404069fe0475bb5057bd64d385829
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Server
18.157.192.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-192-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bd75cc24e817f1502c8ae8234a0af98f056efe5d8bea0b6d306f6205d512d65a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1652676587&nut&uu=379404069fe0475bb5057bd64d385829
date
Mon, 16 May 2022 04:49:48 GMT
content-length
0
media.min.js
a4p.adpartner.pro/apstc/ Frame BBDF 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.423
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
cache-control
no-store no-transform
last-modified
Tue, 15 Mar 2022 16:47:24 GMT
server
nginx
content-encoding
br
etag
W/"6230c31c-3ac0"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame 0DDC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=3&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Mon, 16 May 2022 04:49:48 GMT
server
nginx
ls
a4p.adpartner.pro/media/ Frame CD74 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=994efe04-d65e-470d-805e-cbccac7770d7&session_pageview=3&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
a0a653655a55b4a67650d3a6922fa70779b80bf7cdfb43e0c274a61ebbdd09ed

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 16 May 2022 04:49:48 GMT
server
nginx
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5E07 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 16 May 2022 04:49:48 GMT
ptrack
a.audrte.com/ Frame 911B 		368 B
881 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=217.138.196.105&p=M1353665098&artime=2022-05-16T04:49:48.038Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9kdT1odHRwcyUzQSUyRiUyRnN5bmMuYWR0ZWxsaWdlbnQuY29tJTJGY3N5bmMlM0Z0JTNEYSUyNmVwJTNEMzA3OTcxJTI2ZXh0dWlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.149.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-149-243.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
0f166f7863fa9b7a6b0afe0c1f4c4971d554cae0fe3d2c7e94b79f32a33c3a28

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:48 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
cookie.js
partner.googleadservices.com/gampad/ Frame C5B7 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=zdorovia.com.ua&callback=_gfp_s_&client=ca-pub-4577254435597104&cookie=ID%3D476014c565d1e2f7-227bf61596cd0099%3AT%3D1652676587%3ART%3D1652676587%3AS%3DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31067584
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame C5B7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31067584
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 May 2022 04:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C5B7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31067584
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 May 2022 04:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 74D9 		18 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1652676588&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587900&bpp=4&bdt=577&idt=185&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&cookie=ID%3D476014c565d1e2f7-227bf61596cd0099%3AT%3D1652676587%3ART%3D1652676587%3AS%3DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1466241595&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=918&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531557%2C44761044%2C31067584%2C21065725&oid=2&pvsid=2971698416934096&pem=550&tmod=276848470&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.v5qe3w52d1t&fsb=1&dtd=199
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31067584
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04eccec8b6f4a06b3092fdfedbef0fc11ae32db29efed45ddf8abee254d24778
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
10089
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 04:49:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame C5B7 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220511&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31067584
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e50089e2ce91a46e79dc98f2a49007b815d7555381be0b777197ef873be7d2bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 May 2022 04:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10443
x-xss-protection
0
mw
mwzeom.zeotap.com/ Frame 163E
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2c63...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=51971239-de04-47a8-42bb-9c4ac716d5a1&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=51971239-de04-47a8-42bb-9c4ac716d5a1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
70c17d243be50211-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=51971239-de04-47a8-42bb-9c4ac716d5a1&zdid=1361
date
Mon, 16 May 2022 04:49:48 GMT
cross-origin-resource-policy
cross-origin
content-length
0
usync.js
eus.rubiconproject.com/ Frame 83C0 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
content-encoding
gzip
last-modified
Thu, 05 May 2022 20:46:54 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=24117
content-type
text/html; charset=UTF-8
content-length
9496
expires
Mon, 16 May 2022 11:31:45 GMT
logcz.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/logcz.aspx?zone=211243eb-11ba-464c-a0c6-ba847f55b0ad
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 May 2022 04:49:48 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=93ae9d99-966b-415b-9964-9dc2489da01f
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 May 2022 04:49:48 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=cdadfe55-ba49-47d5-9918-cc04aa357b98
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 May 2022 04:49:48 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=2d179f8a-367f-49ed-9a1f-d77deb57f009
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 May 2022 04:49:48 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
logcz.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/logcz.aspx?zone=ed2476d6-dc6a-46b4-b1f9-1613392c7015
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 May 2022 04:49:48 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
match
ps.eyeota.net/ Frame 911B
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8624539296363438648
  • https://ps.eyeota.net/match?bid=kh51m51&uid=3lgGzTh9LMoTqeLEeOjAAfUzw&gdpr=0&gdpr_consent=
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=3lgGzTh9LMoTqeLEeOjAAfUzw&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:48 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Mon, 16 May 2022 04:49:48 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=3lgGzTh9LMoTqeLEeOjAAfUzw&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 911B 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=3lgGzTh9LMoTqeLEeOjAAfUzw&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:48 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame 911B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3lgGzTh9LMoTqeLEeOjAAfUzw&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3lgGzTh9LMoTqeLEeOjAAfUzw&gdpr=0&gdpr_consent=&google_gid=CAESEPgRzG0uQqZtaLRezPkhtN4&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
52.71.149.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-149-243.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:48 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 16 May 2022 04:49:48 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C5B7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31067584
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 16 May 2022 04:49:48 GMT
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=6deaa01ea694467c91fb456d0d463654&cet=9&zone=CDADFE55-BA49-47D5-9918-CC04AA357B98&rule=F7CAC5CE-3E5F-4671-95C3-F259A87AC033&requestId=1e6617f3-c4a4-480b-aae1-e830f0807e27&hp=1048539382&page=zdorovia.com.ua%2F&pvid=194e644c-b03f-41b5-ac69-0d29e3fe65f4&inst=ADS-EU-6&ts=637882733866357320&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:48 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=6deaa01ea694467c91fb456d0d463654&cet=9&zone=2D179F8A-367F-49ED-9A1F-D77DEB57F009&rule=D1C84BF2-B360-43A6-B9BA-D08AD0CF3C93&requestId=47a5c9d9-5533-4fe9-946d-19963bc31b2e&hp=1048539382&page=zdorovia.com.ua%2F&pvid=194e644c-b03f-41b5-ac69-0d29e3fe65f4&inst=ADS-EU-6&ts=637882733866357320&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:48 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
cc.js
tags.crwdcntrl.net/c/15238/ Frame FD01 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-90.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 02:02:05 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
10067
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
wxqwTlaL3xwR45pOr66bEobZuTTbM4F_Q1wWy4-NMiybZps6Ojig8g==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame EDF5 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Mon, 16 May 2022 04:49:48 GMT
etag
W/"601b131c-27c"
expires
Sat, 15 May 2027 04:49:48 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame BFBD 		49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3Dc34d5ca477eefed6%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Mon, 16 May 2022 04:49:48 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
Abk73BBIsXrB
x-77-nzt-ray
bcDDS276uGs
x-77-pop
frankfurtDE
x-accel-expires
@1653713388
x-cache
MISS
adxcm.aspx
inv-nets.admixer.net/ Frame B4D8 		43 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AMYyWws39%2fHFeX7f
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 16 May 2022 04:49:48 GMT
Keep-Alive
timeout=25
P3p
CP="NID DSP ALL COR"
Server
nginx
X-Xss-Protection
0
media
a4p.adpartner.pro/ Frame CD74 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?id=7434&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&session_pageview=3&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=994efe04-d65e-470d-805e-cbccac7770d7&session_pageview=3&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
9a1cb135934c288fb2fc9e3245ea72887565593265e6a603e9c2f78d0f1b6403

Request headers

Referer
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=994efe04-d65e-470d-805e-cbccac7770d7&session_pageview=3&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
khaos.jpg
token.rubiconproject.com/ Frame 83C0 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/jpg
gen_204
pagead2.googlesyndication.com/pagead/ Frame 892B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AHc-djwIlCpvtqzX8IzMgbVR7fBK7fErlDCAErD8kzVVm7dmm9NZc1QT451v2rsJy6781Cz-LJe-8AZGZ62vAuCX3Xub1C2eixgSAx6u0mpT2wYdc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1652676587&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1652676587486&bpp=3&bdt=383&idt=332&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=600936410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531549%2C44761043%2C31067544&oid=2&pvsid=904108839873201&pem=550&tmod=454237783&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.rx77fngd0mf9&fsb=1&dtd=346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 892B 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1652676587&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1652676587486&bpp=3&bdt=383&idt=332&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=600936410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531549%2C44761043%2C31067544&oid=2&pvsid=904108839873201&pem=550&tmod=454237783&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.rx77fngd0mf9&fsb=1&dtd=346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:30:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 04:30:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 892B 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1652676587&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1652676587486&bpp=3&bdt=383&idt=332&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=600936410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531549%2C44761043%2C31067544&oid=2&pvsid=904108839873201&pem=550&tmod=454237783&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.rx77fngd0mf9&fsb=1&dtd=346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 16 May 2022 04:49:48 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 892B 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1652676587&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1652676587486&bpp=3&bdt=383&idt=332&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=600936410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531549%2C44761043%2C31067544&oid=2&pvsid=904108839873201&pem=550&tmod=454237783&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.rx77fngd0mf9&fsb=1&dtd=346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:35:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
873
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6412
x-xss-protection
0
server
cafe
etag
1643562372680595834
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 04:35:15 GMT
l
www.google.com/ads/measurement/ Frame 892B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSxN15iADrrEtH7fQrJmJK31XeDCu3Rfor5a-7OBNzhNviUW3ItqWVZ4NfTQa1-iC9I7XRb2LbPWhUjbIW_qLLpFuDSfw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1652676587&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1652676587486&bpp=3&bdt=383&idt=332&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=600936410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531549%2C44761043%2C31067544&oid=2&pvsid=904108839873201&pem=550&tmod=454237783&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.rx77fngd0mf9&fsb=1&dtd=346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame C118 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CUGfKq15p7CtvVvluc2IgUAvVo3Gaj3wSPf3Ode7MCJds-8SLddNA7H9xSYPfWBTEO66oj3Hu5fyzuoke295beQHBcyzjHk8HxG6hp_R39C97m4QI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
fw.adsafeprotected.com/rjss/www.googletagservices.com/970282/61278885/dcm/ Frame C118 		233 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/www.googletagservices.com/970282/61278885/dcm/dcmads.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2e31a837fb8dfe7133c0578a677138a7dc1c4a9f1bfd46cc65da8534e5051f0d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:48 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
jload
pixel.adsafeprotected.com/ Frame C118 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10933&advId=17841205&campId=16386003741&pubId=1&chanId=52321546355&placementId=410133277&dealId=549644393847897261&adsafe_par&impId=ABAjH0jEzmqLlgdAC8W71J0zCtzQ&bidurl=http://zdorovia.com.ua/
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.237.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-237-93.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
489379af8d2781908ca98ee75b7312c2fc91e1b20476ab9ff11fc5bd194c6fd0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:48 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame C118 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:30:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 04:30:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C118 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 16 May 2022 04:49:48 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame C118 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:35:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
873
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6412
x-xss-protection
0
server
cafe
etag
1643562372680595834
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 04:35:15 GMT
l
www.google.com/ads/measurement/ Frame C118 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQDQLJdvhU1nQ8iKpXf0ZgeUhOFdhR1R-_V3T8_NMEkdN4_OZGOt55hBMcmZ2Vep4Fy0wMTGCSuXayRWVWuYwl8dbjNyA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
11658403167356891469
tpc.googlesyndication.com/daca_images/simgad/ Frame E1EE 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/11658403167356891469
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=600&slotname=adpartner_zdorovia.com.ua_160x600_br_1&adk=2150435033&adf=2429112158&pi=t.ma~as.adpartner_zdorovia._&w=160&lmt=1638531503&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2156640030855472%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fbca0a493-1a2c-4e8f-8b0a-59f644495689%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D486e82fc55875f6ef7eba2b7e6177931&wgl=1&dt=1652676587370&bpp=13&bdt=243&idt=419&shv=r20220511&mjsv=m202205120101&ptt=5&saldr=sa&correlator=1535374352917&frm=22&ife=1&pv=2&ga_vid=883222644.1652676588&ga_sid=1652676588&ga_hid=1411087344&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=476710922&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067585%2C31067419&oid=2&pvsid=2808109351545938&pem=84&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.x8z9yepno39q&fsb=1&xpc=hSQ3CGx1w3&p=https%3A//file.adpartner.pro&dtd=436
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67e4f002abcccebec787abb5fb295dd0067bb752111db2b08e91e84d906681e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 14 May 2022 04:41:46 GMT
x-content-type-options
nosniff
age
173282
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29029
x-xss-protection
0
last-modified
Mon, 02 May 2022 12:53:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 14 May 2023 04:41:46 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame E1EE 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=600&slotname=adpartner_zdorovia.com.ua_160x600_br_1&adk=2150435033&adf=2429112158&pi=t.ma~as.adpartner_zdorovia._&w=160&lmt=1638531503&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2156640030855472%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fbca0a493-1a2c-4e8f-8b0a-59f644495689%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D486e82fc55875f6ef7eba2b7e6177931&wgl=1&dt=1652676587370&bpp=13&bdt=243&idt=419&shv=r20220511&mjsv=m202205120101&ptt=5&saldr=sa&correlator=1535374352917&frm=22&ife=1&pv=2&ga_vid=883222644.1652676588&ga_sid=1652676588&ga_hid=1411087344&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=476710922&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067585%2C31067419&oid=2&pvsid=2808109351545938&pem=84&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.x8z9yepno39q&fsb=1&xpc=hSQ3CGx1w3&p=https%3A//file.adpartner.pro&dtd=436
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:46:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7989
x-xss-protection
0
server
cafe
etag
11406487492938680093
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 04:46:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame E1EE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=600&slotname=adpartner_zdorovia.com.ua_160x600_br_1&adk=2150435033&adf=2429112158&pi=t.ma~as.adpartner_zdorovia._&w=160&lmt=1638531503&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2156640030855472%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fbca0a493-1a2c-4e8f-8b0a-59f644495689%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D486e82fc55875f6ef7eba2b7e6177931&wgl=1&dt=1652676587370&bpp=13&bdt=243&idt=419&shv=r20220511&mjsv=m202205120101&ptt=5&saldr=sa&correlator=1535374352917&frm=22&ife=1&pv=2&ga_vid=883222644.1652676588&ga_sid=1652676588&ga_hid=1411087344&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=476710922&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067585%2C31067419&oid=2&pvsid=2808109351545938&pem=84&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.x8z9yepno39q&fsb=1&xpc=hSQ3CGx1w3&p=https%3A//file.adpartner.pro&dtd=436
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:30:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 04:30:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E1EE 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=600&slotname=adpartner_zdorovia.com.ua_160x600_br_1&adk=2150435033&adf=2429112158&pi=t.ma~as.adpartner_zdorovia._&w=160&lmt=1638531503&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2156640030855472%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fbca0a493-1a2c-4e8f-8b0a-59f644495689%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D486e82fc55875f6ef7eba2b7e6177931&wgl=1&dt=1652676587370&bpp=13&bdt=243&idt=419&shv=r20220511&mjsv=m202205120101&ptt=5&saldr=sa&correlator=1535374352917&frm=22&ife=1&pv=2&ga_vid=883222644.1652676588&ga_sid=1652676588&ga_hid=1411087344&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=476710922&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067585%2C31067419&oid=2&pvsid=2808109351545938&pem=84&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.x8z9yepno39q&fsb=1&xpc=hSQ3CGx1w3&p=https%3A//file.adpartner.pro&dtd=436
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 16 May 2022 04:49:48 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame E1EE 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=600&slotname=adpartner_zdorovia.com.ua_160x600_br_1&adk=2150435033&adf=2429112158&pi=t.ma~as.adpartner_zdorovia._&w=160&lmt=1638531503&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2156640030855472%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fbca0a493-1a2c-4e8f-8b0a-59f644495689%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D486e82fc55875f6ef7eba2b7e6177931&wgl=1&dt=1652676587370&bpp=13&bdt=243&idt=419&shv=r20220511&mjsv=m202205120101&ptt=5&saldr=sa&correlator=1535374352917&frm=22&ife=1&pv=2&ga_vid=883222644.1652676588&ga_sid=1652676588&ga_hid=1411087344&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=476710922&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067585%2C31067419&oid=2&pvsid=2808109351545938&pem=84&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.x8z9yepno39q&fsb=1&xpc=hSQ3CGx1w3&p=https%3A//file.adpartner.pro&dtd=436
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:35:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
873
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6412
x-xss-protection
0
server
cafe
etag
1643562372680595834
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 04:35:15 GMT
l
www.google.com/ads/measurement/ Frame E1EE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSCaTk9iMQ317WieCJdGpsvBWMWD-uxD7f-U22QipWd-ILYK4dCnZTVGCbTSlN9Yz9rJ8FFo4TZmu0jSXsBMK3f-Cv7pA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=600&slotname=adpartner_zdorovia.com.ua_160x600_br_1&adk=2150435033&adf=2429112158&pi=t.ma~as.adpartner_zdorovia._&w=160&lmt=1638531503&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2156640030855472%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fbca0a493-1a2c-4e8f-8b0a-59f644495689%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D486e82fc55875f6ef7eba2b7e6177931&wgl=1&dt=1652676587370&bpp=13&bdt=243&idt=419&shv=r20220511&mjsv=m202205120101&ptt=5&saldr=sa&correlator=1535374352917&frm=22&ife=1&pv=2&ga_vid=883222644.1652676588&ga_sid=1652676588&ga_hid=1411087344&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=476710922&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067585%2C31067419&oid=2&pvsid=2808109351545938&pem=84&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.x8z9yepno39q&fsb=1&xpc=hSQ3CGx1w3&p=https%3A//file.adpartner.pro&dtd=436
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame E1EE 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=600&slotname=adpartner_zdorovia.com.ua_160x600_br_1&adk=2150435033&adf=2429112158&pi=t.ma~as.adpartner_zdorovia._&w=160&lmt=1638531503&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2156640030855472%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fbca0a493-1a2c-4e8f-8b0a-59f644495689%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D486e82fc55875f6ef7eba2b7e6177931&wgl=1&dt=1652676587370&bpp=13&bdt=243&idt=419&shv=r20220511&mjsv=m202205120101&ptt=5&saldr=sa&correlator=1535374352917&frm=22&ife=1&pv=2&ga_vid=883222644.1652676588&ga_sid=1652676588&ga_hid=1411087344&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=476710922&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067585%2C31067419&oid=2&pvsid=2808109351545938&pem=84&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.x8z9yepno39q&fsb=1&xpc=hSQ3CGx1w3&p=https%3A//file.adpartner.pro&dtd=436
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d7c7efab021e9e62bc332cdffc52226ac5bb888cfa76bfde4a3a183159b4bce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:07:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2535
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12360
x-xss-protection
0
server
cafe
etag
2640822135664651074
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 04:07:33 GMT
11658403167356891469
tpc.googlesyndication.com/daca_images/simgad/ Frame 1A61 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/11658403167356891469
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=600&slotname=adpartner_zdorovia.com.ua_160x600_br_2&adk=4043599776&adf=1045958785&pi=t.ma~as.adpartner_zdorovia._&w=160&lmt=1638531503&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2156640030855472%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fbca0a493-1a2c-4e8f-8b0a-59f644495689%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D486e82fc55875f6ef7eba2b7e6177931&wgl=1&dt=1652676587405&bpp=3&bdt=278&idt=468&shv=r20220511&mjsv=m202205120101&ptt=5&saldr=sa&prev_slotnames=adpartner_zdorovia.com.ua_160x600_br_1&correlator=1535374352917&frm=22&ife=1&pv=1&ga_vid=883222644.1652676588&ga_sid=1652676588&ga_hid=1411087344&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=476710922&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067585%2C31067419&oid=2&pvsid=2808109351545938&pem=84&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.6i1u7n1h3s4w&fsb=1&xpc=2Q20IaPrbo&p=https%3A//file.adpartner.pro&dtd=476
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67e4f002abcccebec787abb5fb295dd0067bb752111db2b08e91e84d906681e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 14 May 2022 04:41:46 GMT
x-content-type-options
nosniff
age
173282
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29029
x-xss-protection
0
last-modified
Mon, 02 May 2022 12:53:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 14 May 2023 04:41:46 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 1A61 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=600&slotname=adpartner_zdorovia.com.ua_160x600_br_2&adk=4043599776&adf=1045958785&pi=t.ma~as.adpartner_zdorovia._&w=160&lmt=1638531503&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2156640030855472%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fbca0a493-1a2c-4e8f-8b0a-59f644495689%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D486e82fc55875f6ef7eba2b7e6177931&wgl=1&dt=1652676587405&bpp=3&bdt=278&idt=468&shv=r20220511&mjsv=m202205120101&ptt=5&saldr=sa&prev_slotnames=adpartner_zdorovia.com.ua_160x600_br_1&correlator=1535374352917&frm=22&ife=1&pv=1&ga_vid=883222644.1652676588&ga_sid=1652676588&ga_hid=1411087344&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=476710922&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067585%2C31067419&oid=2&pvsid=2808109351545938&pem=84&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.6i1u7n1h3s4w&fsb=1&xpc=2Q20IaPrbo&p=https%3A//file.adpartner.pro&dtd=476
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:46:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7989
x-xss-protection
0
server
cafe
etag
11406487492938680093
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 04:46:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 1A61 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=600&slotname=adpartner_zdorovia.com.ua_160x600_br_2&adk=4043599776&adf=1045958785&pi=t.ma~as.adpartner_zdorovia._&w=160&lmt=1638531503&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2156640030855472%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fbca0a493-1a2c-4e8f-8b0a-59f644495689%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D486e82fc55875f6ef7eba2b7e6177931&wgl=1&dt=1652676587405&bpp=3&bdt=278&idt=468&shv=r20220511&mjsv=m202205120101&ptt=5&saldr=sa&prev_slotnames=adpartner_zdorovia.com.ua_160x600_br_1&correlator=1535374352917&frm=22&ife=1&pv=1&ga_vid=883222644.1652676588&ga_sid=1652676588&ga_hid=1411087344&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=476710922&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067585%2C31067419&oid=2&pvsid=2808109351545938&pem=84&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.6i1u7n1h3s4w&fsb=1&xpc=2Q20IaPrbo&p=https%3A//file.adpartner.pro&dtd=476
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 04:49:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1A61 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=600&slotname=adpartner_zdorovia.com.ua_160x600_br_2&adk=4043599776&adf=1045958785&pi=t.ma~as.adpartner_zdorovia._&w=160&lmt=1638531503&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2156640030855472%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fbca0a493-1a2c-4e8f-8b0a-59f644495689%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D486e82fc55875f6ef7eba2b7e6177931&wgl=1&dt=1652676587405&bpp=3&bdt=278&idt=468&shv=r20220511&mjsv=m202205120101&ptt=5&saldr=sa&prev_slotnames=adpartner_zdorovia.com.ua_160x600_br_1&correlator=1535374352917&frm=22&ife=1&pv=1&ga_vid=883222644.1652676588&ga_sid=1652676588&ga_hid=1411087344&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=476710922&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067585%2C31067419&oid=2&pvsid=2808109351545938&pem=84&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.6i1u7n1h3s4w&fsb=1&xpc=2Q20IaPrbo&p=https%3A//file.adpartner.pro&dtd=476
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 16 May 2022 04:49:48 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 1A61 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=600&slotname=adpartner_zdorovia.com.ua_160x600_br_2&adk=4043599776&adf=1045958785&pi=t.ma~as.adpartner_zdorovia._&w=160&lmt=1638531503&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2156640030855472%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fbca0a493-1a2c-4e8f-8b0a-59f644495689%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D486e82fc55875f6ef7eba2b7e6177931&wgl=1&dt=1652676587405&bpp=3&bdt=278&idt=468&shv=r20220511&mjsv=m202205120101&ptt=5&saldr=sa&prev_slotnames=adpartner_zdorovia.com.ua_160x600_br_1&correlator=1535374352917&frm=22&ife=1&pv=1&ga_vid=883222644.1652676588&ga_sid=1652676588&ga_hid=1411087344&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=476710922&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067585%2C31067419&oid=2&pvsid=2808109351545938&pem=84&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.6i1u7n1h3s4w&fsb=1&xpc=2Q20IaPrbo&p=https%3A//file.adpartner.pro&dtd=476
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:35:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
873
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6412
x-xss-protection
0
server
cafe
etag
1643562372680595834
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 04:35:15 GMT
l
www.google.com/ads/measurement/ Frame 1A61 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSRH8CJdwMIafACtL0aTO-E_Sc1E6qe2299-jN_HtrmICvKiLuGXuW4vNog3KvKe7SCOYOg8j6by6A60nhMA5Krwm8ZZw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=600&slotname=adpartner_zdorovia.com.ua_160x600_br_2&adk=4043599776&adf=1045958785&pi=t.ma~as.adpartner_zdorovia._&w=160&lmt=1638531503&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2156640030855472%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fbca0a493-1a2c-4e8f-8b0a-59f644495689%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D486e82fc55875f6ef7eba2b7e6177931&wgl=1&dt=1652676587405&bpp=3&bdt=278&idt=468&shv=r20220511&mjsv=m202205120101&ptt=5&saldr=sa&prev_slotnames=adpartner_zdorovia.com.ua_160x600_br_1&correlator=1535374352917&frm=22&ife=1&pv=1&ga_vid=883222644.1652676588&ga_sid=1652676588&ga_hid=1411087344&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=476710922&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067585%2C31067419&oid=2&pvsid=2808109351545938&pem=84&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.6i1u7n1h3s4w&fsb=1&xpc=2Q20IaPrbo&p=https%3A//file.adpartner.pro&dtd=476
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 1A61 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=600&slotname=adpartner_zdorovia.com.ua_160x600_br_2&adk=4043599776&adf=1045958785&pi=t.ma~as.adpartner_zdorovia._&w=160&lmt=1638531503&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2156640030855472%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fbca0a493-1a2c-4e8f-8b0a-59f644495689%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D486e82fc55875f6ef7eba2b7e6177931&wgl=1&dt=1652676587405&bpp=3&bdt=278&idt=468&shv=r20220511&mjsv=m202205120101&ptt=5&saldr=sa&prev_slotnames=adpartner_zdorovia.com.ua_160x600_br_1&correlator=1535374352917&frm=22&ife=1&pv=1&ga_vid=883222644.1652676588&ga_sid=1652676588&ga_hid=1411087344&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=476710922&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067585%2C31067419&oid=2&pvsid=2808109351545938&pem=84&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.6i1u7n1h3s4w&fsb=1&xpc=2Q20IaPrbo&p=https%3A//file.adpartner.pro&dtd=476
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d7c7efab021e9e62bc332cdffc52226ac5bb888cfa76bfde4a3a183159b4bce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:07:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2535
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12360
x-xss-protection
0
server
cafe
etag
2640822135664651074
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 04:07:33 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2973 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYsJKxygEwAQ&v=APEucNWtNZl3Jw7alnyoA5bXGu5c8Wd9bjIj7gFAVJvavIC6tOo70uM4SMmnmhSdaY1qcODruVKmNQgAXwWzKRyqobPKokoXgZ6QKGmlnEmCHZ83v8sIkiE28X-kq-xvw6Nz3t4AQ-w-PjxDIO-Oo8RDswW6QgbhdrTNlqAH_iOSf7wtgBeSAAA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1652676587&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1652676587486&bpp=3&bdt=383&idt=332&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=600936410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531549%2C44761043%2C31067544&oid=2&pvsid=904108839873201&pem=550&tmod=454237783&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.rx77fngd0mf9&fsb=1&dtd=346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1652676587&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1652676587486&bpp=3&bdt=383&idt=332&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=600936410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531549%2C44761043%2C31067544&oid=2&pvsid=904108839873201&pem=550&tmod=454237783&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.rx77fngd0mf9&fsb=1&dtd=346
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 04:49:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 892B 		77 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAGq9FFAJu7tJTp76p4B9MmxBJG2UJTDEoAa_paBl9kGP5NPCkwHo1hv-WODZY6UuOWxYpV_bkGNggBvAbNcIqYsHUnvqLQ8WXzmMofcsfSY8LxsfW36qeghC3pBw4LDdglxy6ujm1G0ERdDzxzh38zyhp7Q&dbm_d=AKAmf-BvBkhb3M3GR7cL8fb2jyxHvO1LoHpQ8kBO1wU0bI1cnqia3OS4XqQZLKp5GHEXeuvzIGvn32j1sS1zYtbZIG1GR_uPyS4NPUiql4xY-vLRyQidLHMIIsgk_plg6JR9o3nYYuYg-VxWnR9_h9tSrcQ9xF7RgtTcA0TiRMLOq4qP_UpPad6GKItln3PqTW8Xt5atPR_CEZZG220FIBdqrlPa1V9wtA9RsV8Jd4IMtwZvMQPiqC6sOIxYMOm2DgiLXxQuJGZcrfCdZ8g1hR-5NDwyicKXbtGTKvgFawCOe_HUj_XG5MkkXZfq_3jJBhlqJ9g67oxc2Vlx6sTHVEdRxYtB96yDL3t6RNuBSOFZ9BMlfqP26cUJD9mBjZt_sMCfGuMfKEE5BtFpM2eTw-9_wjGgFZCvoawudvq4JJdFblqjPXVIyu-9CvxGVtxg2Dq2JBPX7Ffkd9cnevJJDi80LudGZWVGcros5UmiP6XymJ1kDNNAR8RLdNNNnXV4iyK9paRYCEarCysN1PaWkv-3_XBLYsEJ4-DmiadzxZUzwN-8GqOVWhjGtQadaHXFwN2hpL9R0FHLvTYXkrLbVaP-OPe1UBgTLMOdJPfYgWFRgu5vTRFcgiI2XVAXCvFqc4YhFcyXY-sHCsmy3HEJ_U33JSULDTC1HMBXRdkXO4ZfHS0sMeTKd3cvzg705iDZAHtyV__OhyhzF97IGcVGGluU99GG8mOFWE1E7Pyd3rcWBqO4pm0fmWwmE-lZdxgRQSiV7wxCb4Rw56v_JkfsU2QQo6thR4-SL3W31qQdkdgy246BL7vNjQaIcYFaq5SJce6Z-8fanT13TVQssZNZe73RMS3RA1cuLV9Mr9qE07oddlmCKpJlMZs1OaS3qTTi81M8tfFBXCrJl6vnnNvEpPTS0Pjz-ppX0pyst4eaSni1oCFyc4z34K_DfB1ibdru16OvaPF6FobyU-mHY7tYyc50d5Wh0mJW6wtxZj7f0q3m_44nmmcq-VIKfz3qn3RCz2QppF0J2KkWwv5RTRfGnNhzWTUXj_RjxeG-_tk4K6XMRmzdTZ8OyBR04cZeTSWyzljQ9nzNJHL6W8LUnzhV8dHQDFgarDErTeFSokcJIh3qN-XzSivROhNiryZmCq08iAxccpVLSnRpAbEB8dhLgWLIpPNW7bXotwn1EEHcaAsVYjxzp8uP0HJe_WRjFxX-2DZ1ADG1eSaFuBybW7xwiBBKuThu846E1MFXs4bc81RpWd66yf7i2FhOvEKnjmZF2BI_OIP8LWa1-7gDIoOH8extB-aCizt7DfcAB1MccMLB85PaY2CZVAapa7FlSo520w7PMGq1pqxfABRlnb5MVPgAeF16-pWi7I72tZKG8NOLAWmd73HnJoBxIhpFDc4i0LlrcIBSoIahVmjgvoy4GpKze-wr6JrV0WZTZvfHXm1He0yaAMsDtvtKIljQCoe3kbXchzgub7-3gHlPemM15s46QZQ-mQzcGHNyrECrX-qpvVea5qwaDB5PFy-IQFcKM6wDvS6Mq_L3KX_2L0bn5BIalG1Ebfods_e-J0Iuy-Z9a9Mii5_RW3K8_OkuvElgjHl0AZX-ouys1ubd0NUXcjcUehHBtqi3Sp5tU6WEvmUe8eVuo_QgvaLnCXF1lPiaK7Jrji5rwK9X386YmLjolFTLdb-5vMCgvTCbD2hACSz3sAjCnnY6DJJD0d8H25J3JAcP56dKKZFjr6VV47whEp5S-N2QhtZFTqn9YngI8sRAdAm1EHl-gyTDEWF00vWfda-s8536ZjQdhzcr2nOL9FmDPJtZ2V0S0NeFZRdyrrBbi2waZJlJ9EYcTIwnbhweESTld7l_k5wCAJqeSBCp2-Ur75xPI3A0FJEh9RUY7Ukyu5--io-gDfZXKejLt-i12TZo04SyJQisdgqRqluldiH_BPRfa2DL9Yh2om98QJjCZbJnpeaNixjepImo0tU_PtGq7XBEsrh2Vsdctoej0B-t3qWtTavRPcKVot7WqTzezcgRpZP6iG0MnKVzrVZ5EzgKORLRRBwVuGQmMgJTCTUSl9TaWWGr2lYasLBG-f_RcX-E2fWXH4DQ4MGGsbcr3NSCK1GnpXP1el-PzWbgdueS00T_Lph_KaKmFUJoUYeaKAaD6htHYOHJuGTDeWf7lpYKd9QCJuCu3lG-a2wWRTvaKHZbotgZXgHhy8eL0Jx0UoVMXuVyFUq2Lmsm3IdDH3mY-VOluy5jc8abl-F0G9cWnB3CWlqqsX4RaDCGcclSQjZ4b3j3LifMob7ZnMKjwXZwps49UBjT5JzSBqJG-Fnw-pCGKlsZQbYzTfMtejcAVJQvG_Rw2ushBYxcAL5frjhVd788bWU7Sl32SARlLA7FPRcXdYQFJxNGb3S7Kk7fE-01WMiHXk6BNa8r8ZqSbnDuV_Pwe0rixKSvPjzlbWDA8TrgrwIKKPdVFvAUodMRDevEsD7YJvNt8AjM-EiKeExmhg4OmnbCJO1gocJ-Z6Ekgpn6Vzgs0Gc-_hMRvuK9KPjr1zEHgUt8DZKZcfUNDzyV75Xo4ZD210ZSa7tnMA53_HWGdpIGNwElUJUYF50f4Vw8yKXWuSp_Eh1eUVV6uhEuEYUf1juz8uZOK_kOW4COeP2N_CTXbngR9x8Hux0L3sl9RT2JOx5BKZe8bpA-nw7Y7pl1WR1tEgkj7OKOgrs-GCMZfG8uVlVgMeSqWMpTn-Z5YX1FT8syBmYUT2pcS7nY-FjToQDRpGyBgYaPegrGHIjFRlOjfDrl2q5tMP-V0BTcGPrOSbPzAgg3FNPZsc7Y4K67NaSO2Cfc3mrPUQlD9CsmlJfm8PQsEnSpSyiHhKnMLMOVdxN5tKOuJCXzVkhk9Hb4_hstMQOOzTsKKG7aE05LLcFq-uKi-7A2EDZ4Iipqr-Xe8VWuYXVnecaEfxrFC2cr8TrcZx5lOV27IjKYZDNn8thrs0V-hHl1O_3_S-PYTvndZftbkMTCibTjQJH4TautuWBe3W-FjSJqOKwDaXoCYWfrWw&cid=CAASEuRo_8L89W06ZIyE4IThcGIRiQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1652676587&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1652676587486&bpp=3&bdt=383&idt=332&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=600936410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531549%2C44761043%2C31067544&oid=2&pvsid=904108839873201&pem=550&tmod=454237783&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.rx77fngd0mf9&fsb=1&dtd=346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43fdf1290da9124d761af6831193339d7c2223bd7bc1043352f6b0f8125365eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1652676587&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1652676587486&bpp=3&bdt=383&idt=332&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=600936410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531549%2C44761043%2C31067544&oid=2&pvsid=904108839873201&pem=550&tmod=454237783&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.rx77fngd0mf9&fsb=1&dtd=346
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33042
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 866E 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDFue6pAhidxsjDATAB&v=APEucNU01KZ4ReOmf3OwSy2djg6036HJFSWbG5AI8NfbaQfFfDNQKQrGj2sGIP8pYDBC76sl_C8ThUEA-xfD7KPUuCfwav4p1ndW6yUwfbhcIkj3TVtlO9LDeCB5JvwC2PuADHP1pcaYNskHXaIrQPh4Ad1rGCAk7-0MqKgSU5vJNP9a4etK8To
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 04:49:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame C118 		14 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AhzOtlOYs-ZsrbGJRtG0CdkIg2DQEwMKlcOtV5LarNWuPFHJrqJM2Q_pmi8KqR32UaEuC20dRfwJRzsJymiI6XrmHqyOctIhxmYOQ9Ion7gJY-nFdpUZ0BBv0y7mHGt5gf--lZiLqj17H0qsIQ7x45Y0AC1w&cry=1&dbm_d=AKAmf-AMlhj-jMQgIAJXFD55VIhT92mWIMX3_lr2prof52_SF1WU8cAfnUsC4Nwsd_bwpd-p4eUnKBYVZBcCuuTyqAH-sS0PN_hVupVmuqYVackCKwfs0Uy9h3YvFtmpS0AVwVFfMSaYZlkWZdXqHN_RrjB5O0dcN7elF0sqdseEIzhJLewbLl2WXKRKcIFW6Ex9GInxAllY2P5bY4PghpboTjl8R2sMeraxEphnWnrFqlDUwbr9SgeyYu8BizXNHQIdcE9oGukV3bAIfSB6pC9hPnuPumhrla0yAkS9py_c4rM1Vi0d8D6KIOpJ8ww9bzqNLFb7DIZBSkHJiEWEowIzumc5bBP2F1mCvFeb66Cks2agiqVyFa2HBFxObeqbrOE58Sl0Xy7TCPFc6223KGluaVM9TNB38snxjvhT_6mYdpO3XsWGxiEZZOa6TU_xz7pHLKrcWAhLqlQedo7MmFQ4pTMwRKIOzJ7DCkTr-wLojCHW6XCsMEgLVdlOVyu020daWg-RedAEb52WwNqwnxgeYxQKxN307qHOVS53bJiDzLBpI6qnqcqmT1zDmVEysDwPZaebdafxKysIgCikL6QUiVP5ACeXlYsHS4C2YT-H28uOKXqVbVYkfU5JuD9nLSoLhbAVNdKlB5VDDamlX1s9nLNo-q7TCRCEUHlfHgQbBCtVIAzLRG1Vnd4cnTL_CojbTVxRf2ftu7wSRwcM7ErJqx1shiDEZ7cIakOzU-uqofcE6DywTPg2aglFvfxYW_TuD3NFkYKVyUkrv7s-V-24Pgz8v7WvcU8-Ceq4cI-sSPwocpG3PocehK7r42fllop3i5hQXuAtebhYOW78XwwA4z2hgq6s-5eS3Kq_yBnZFXd5-uWY7-49thMNtdXXortOGjOWQPXVzU_9mg7DGjDqSIxd7OWfieldgVbyHtLthlDS3KUpZFA9W52zQfc9Nsk9Bp3ahmLDxRLV0OHihokIFG0xS9geGK0Dg3uSFLcdOt8FQy2C5L_NckamBW-ykeOzmUlGc4IpnCroO14MmcCKaXZokZNil0OsVmWwxYHzXkp1QRRkQhJK5jwXfAV5MzF9ASnS7tV9FnqjOSccjhGgboC3LB6rZPHce75hz2oSY9jbEXby4InYM-QQZWew4dHCGV_4inlgeTUNrdZ5N0xj8syaY0s4bjOtEl0OZW9ZoGap18JzpDJb9j6yaR1W5JofxDloVkrimAJVCVAJZ13wyl1iKzAAstC9Tp--Xgf1UP9JlcoygngkNs6e_BxX2Vi1ANijya1aATWi1TIu4KZN7CXgTsNngVK2YFiiN0sJ6IAp1mj5PcOOxr_DJrAptKwJrvQnuUjZ3NukUGOOPOGpYaeOb60AFZM0_j5w_Y6SGxMqmDlKIxqUXlHmlLs7g62RwrVG_kiJatVDYZERq34KkVrMLcbLWwYUxTB3U2ewAN_DMF_NcwTqKeYOMHFk7lA7CvBZTICi_46lsyRmOpbIZ49fbDPNf6JbZt6HBVZqQDS1DyKffSdvdqGgyl_DvymvXTBvNnCWnBui9VIeeLXVMf6pbupupsqrxQBmD1Xt46aYd2Fy7bz_b0ZXwkkm_UWUajC2nKwLc04RCKprjiBLS2jmBZObi6rzdab-CarCMJqhE9FE7iKxkprtyyN2RpFYwSNX7C36QBR_mXfJcy_xQepLaAjaJDESpIXKxitFmN8Z-pFHk_1tbhgFuQ4vK3mVlocW__ljV0bF837ER89diciomjkoBqXkPBn7-6YPiMzlh2KGofgUevA8fzmPvRewZQyIMyTXvq7dZ60OKRw2fUxoiaHb-r8BcxRT8UGx-ptyJWhr_-BaPsKsauxBhMW3ARxlSZFEjkVVkNfsLPxcmge-M2aEHajTEKIbpZLiJbqQX400TYUgYRq-H1B6Glm_9Pie7dyXRCR8VTGXJ8cZ20EF0qGUzL5YxJrrLLEWJnu9v-j1AHk1l0YhAiOzGoff5w1f0foRDpV2TtTKRYAEyZuuXA_ougWe7HU1WEME3fIwKX2eohty6IV0xtA_SSFubAlQYy9v9gWyiynmAfj1Anh-uuUcZWxSlpT0qQEYo9lQX6kKFnOsTPdFtcg2XhIH6LVX_bX7A-WaL2ZO0ksqw2_uQKfjnfjjVH9v188hrmkGQFPyqm0p9_HvlfwMIuOLwpJIVtPjJcDGaA-dv5WvFKdEwOfHjhCM7rMv8JeO7xxB8WNC6UFj8thvGj0YzaIuc27ZGRFk3oS3gEMsmJYvWeZtZ3sk1yzmUwsxN2hcphwSG6DHsoxMgUZ0r7s1NqtOaNkkaQ868nsq9S5WuugIv4ayAkE2Hn5KJMlxtWvNOcCyud9Zf8o9qxSFsnvgjtK2mW4iU_yJE4NdSzWav6cTJxW6DdprG8OisKvPoNi302rBGrSixRlqA16rxJ3RvhB_aeQ0T2l2xBUWVUelVuujy0RPvaZK5rJ3mfW1vmIR1t7S-p5ukA65kg9s0BGL37RZ1mj-TB8po7hd8mGFdQlPBI9LCc84QEur4mq8BnWZ6QLYYLXuP0LHn9zMwaDDcXhJhQlj2t2LKXJbo0myunS9wYyJgGgbHQPaOURMvB2-Z8rJlC6raGEWOhTQ1NvBUMu5gxTrHvl4VCp_Je0SZbcfM2uXGvdg47_HQj08CQOXpJjJ84P4cJuwpBj82eq1rc_h-kMU3rp1bG-J1fFuELrR3XJPYijfLgijrt-xTB_eAoWi473RImDnNeAfimUmO_4k4cVDJAK2r2eeHNBHj9H0hzKvW0skf6fp70xGe_gyk5xsdpoDlLfzqtnB-xKuBvR0WDLumHTpq3UMrJvJGYvwSlpfZAGjzcZmr8yC-EN8VwYlXemrHCAqjMoUCfpJVHgNG_qZDm4WAXFzDX3OOp7qkshRbXTNus0LR0JimSPeXHXwdxid17MYTg9gbGDcGNWMq4VUmCm_imASFqvEh8QSuAZHrO4CmM_BRiPL41nK90sfVnnLj3ped1RZYoAMMWedn8DD-cNleFxOvXtGD8irVWPJWGIiRmt9ZEEsAJJaH3AskiVTYu4gHtyprZbCk1SfB7YcUJA8t5hFU0551ZCCSlBakG-wWYG3KazfNKcSrG0UPaSOYCl3f1hiM-6gOJVdJGQUV5mpZdYlO9cKRMkPflXwoFpO4ndoA6CH4AjS1aY50GRJ9zW503Do8kq-s_1cNcI9UEM3uo7BhMVbxh2qXDoUZtKIdIuouJ0-YN2GRQo3zRUO843Z85KT18s_cC_OC2L8DkWPg_F4lEkhn4uXvGiWY_i2UG0tUhBYlEo3ngX2aKza2Re7gmwNPB650aUOq3Qbf5hu5wTJLQybPTRTHCWIRmpWon69r8Kr8gJKviGzw57w8QL7D6CcsmJA7Chxlw85J5jsFfq5OzyxfQoAe8Us_PqD1WxF0O5Kzw004VEsV2lQJQUfQqaKoOcCXwx-3DGJD9mG-8Xk2f7ZJGPZ2hN6bcyp3JF7UbltAFhrNABgyI9th6_losLH3gUIkSetu32lkBjjtrLeH_m4gfpDN2x8kb9h4MKaDzoYoG0g1Je8tYSQjoO535NiKwdN54yQe0caVTX_IpyqwbgrXaDBltZkdUrsn6-pMIoL3EjqUp7DKLEc6_Ci_E-V7Cz4tyjALQ7lLEQd&cid=CAASEuRop17jxul3w6_7yIPjq8WlpQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03500eb16793d208283167ad326c6f36e1561c33862750cbe8e2f30fb99e2a0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10791
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zdorovia.com.ua_970x250_ruslan.html
file.adpartner.pro/2085/2085828/ Frame 2CD0 		702 B
601 B 		Document
General
Check archive.org
Download Go to
Full URL
https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F8df72cd3-96af-4a19-bb21-7be5baa62b32%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg4LCJzaG93X2lkIjoiOGRmNzJjZDMtOTZhZi00YTE5LWJiMjEtN2JlNWJhYTYyYjMyIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D54ffca70dc04904b04f523f5caeea8aa&showId=8df72cd3-96af-4a19-bb21-7be5baa62b32&apuid=994efe04-d65e-470d-805e-cbccac7770d7
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.423
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
316e3dc1c04794cf25da0c0373a95b0c87fa59b9d234ac5d17e1710c159e42c6

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Mon, 16 May 2022 04:49:48 GMT
etag
W/"6151a891-2be"
last-modified
Mon, 27 Sep 2021 11:18:41 GMT
server
nginx
userconnect.js
js.adscale.de/ Frame D8C2 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
qZVzoEdzSYO1lbn.O4.P1ovEopsrSwEn
content-encoding
br
last-modified
Thu, 12 May 2022 14:50:05 GMT
server
AmazonS3
age
6127
etag
W/"988fbfb6c270a6080f89deb043243858"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Mon, 16 May 2022 03:07:42 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
zWzMrkwXm_HKq3_PEDn1TjeHkh7pjsmpF5_JTrS9ssSta2OBugNNIw==
csync
sync.console.adtarget.com.tr/ Frame D8C2 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=379404069fe0475bb5057bd64d385829
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:48 GMT
Server
VertaMedia 1.0
Etag
be9ac51343071db7
Content-Length
0
GS.d
js.cookieless-data.com/ Frame EDF5 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1652676588299
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.28.83 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-28-83.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:48 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
if
a4p.adpartner.pro/tracker/ Frame E62B 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522994efe04-d65e-470d-805e-cbccac7770d7%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25228df72cd3-96af-4a19-bb21-7be5baa62b32%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25228df72cd3-96af-4a19-bb21-7be5baa62b32%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Mon, 16 May 2022 04:49:48 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame F6AB 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522994efe04-d65e-470d-805e-cbccac7770d7%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25228df72cd3-96af-4a19-bb21-7be5baa62b32%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25228df72cd3-96af-4a19-bb21-7be5baa62b32%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Mon, 16 May 2022 04:49:48 GMT
expires
0
pragma
no-cache
server
nginx
ev_view.aspx
ads.go2net.com.ua/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=6deaa01ea694467c91fb456d0d463654&cet=9&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&rule=8031EB30-F8BC-4C42-B0CE-47540A4C2D9E&requestId=d213eba3-e9e1-4799-b018-39f8bb631965&hp=1048539382&page=zdorovia.com.ua%2F&pvid=099f7f3d-b4bf-4d7e-bd1e-4bbe3e1d6c85&inst=ADS-EU-6&ts=637882733866357320&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:48 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1D02 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=600&slotname=adpartner_zdorovia.com.ua_160x600_br_1&adk=2150435033&adf=2429112158&pi=t.ma~as.adpartner_zdorovia._&w=160&lmt=1638531503&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2156640030855472%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fbca0a493-1a2c-4e8f-8b0a-59f644495689%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D486e82fc55875f6ef7eba2b7e6177931&wgl=1&dt=1652676587370&bpp=13&bdt=243&idt=419&shv=r20220511&mjsv=m202205120101&ptt=5&saldr=sa&correlator=1535374352917&frm=22&ife=1&pv=2&ga_vid=883222644.1652676588&ga_sid=1652676588&ga_hid=1411087344&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=476710922&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067585%2C31067419&oid=2&pvsid=2808109351545938&pem=84&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.x8z9yepno39q&fsb=1&xpc=hSQ3CGx1w3&p=https%3A//file.adpartner.pro&dtd=436
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=600&slotname=adpartner_zdorovia.com.ua_160x600_br_1&adk=2150435033&adf=2429112158&pi=t.ma~as.adpartner_zdorovia._&w=160&lmt=1638531503&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2156640030855472%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fbca0a493-1a2c-4e8f-8b0a-59f644495689%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D486e82fc55875f6ef7eba2b7e6177931&wgl=1&dt=1652676587370&bpp=13&bdt=243&idt=419&shv=r20220511&mjsv=m202205120101&ptt=5&saldr=sa&correlator=1535374352917&frm=22&ife=1&pv=2&ga_vid=883222644.1652676588&ga_sid=1652676588&ga_hid=1411087344&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=476710922&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067585%2C31067419&oid=2&pvsid=2808109351545938&pem=84&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.x8z9yepno39q&fsb=1&xpc=hSQ3CGx1w3&p=https%3A//file.adpartner.pro&dtd=436
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
2521
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Mon, 16 May 2022 04:07:47 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
redir.html
p4-glvpu23wciors-idpfrs6p3ci7rs7w-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 78F6 		247 B
962 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-glvpu23wciors-idpfrs6p3ci7rs7w-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=600&slotname=adpartner_zdorovia.com.ua_160x600_br_1&adk=2150435033&adf=2429112158&pi=t.ma~as.adpartner_zdorovia._&w=160&lmt=1638531503&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2156640030855472%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fbca0a493-1a2c-4e8f-8b0a-59f644495689%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D486e82fc55875f6ef7eba2b7e6177931&wgl=1&dt=1652676587370&bpp=13&bdt=243&idt=419&shv=r20220511&mjsv=m202205120101&ptt=5&saldr=sa&correlator=1535374352917&frm=22&ife=1&pv=2&ga_vid=883222644.1652676588&ga_sid=1652676588&ga_hid=1411087344&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=476710922&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067585%2C31067419&oid=2&pvsid=2808109351545938&pem=84&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.x8z9yepno39q&fsb=1&xpc=hSQ3CGx1w3&p=https%3A//file.adpartner.pro&dtd=436
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f99.1e100.net
Software
sffe /
Resource Hash
871d2e9a8bfaee60673c0da8eb46c1f4ad050a016dd6bdb2e8e1a60a56657d8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
204
content-security-policy-report-only
script-src 'nonce-fP5jRaZ8frDvunagkqq_KA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 04:49:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Mon, 02 Dec 2019 20:15:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 2973
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPuNOzefaCb38IAiK0knlko&google_cver=1
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPuNOzefaCb38IAiK0knlko&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYsJKxygEwAQ&v=APEucNWtNZl3Jw7alnyoA5bXGu5c8Wd9bjIj7gFAVJvavIC6tOo70uM4SMmnmhSdaY1qcODruVKmNQgAXwWzKRyqobPKokoXgZ6QKGmlnEmCHZ83v8sIkiE28X-kq-xvw6Nz3t4AQ-w-PjxDIO-Oo8RDswW6QgbhdrTNlqAH_iOSf7wtgBeSAAA
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 16 May 2022 04:49:48 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPuNOzefaCb38IAiK0knlko&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2973
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YoHX6pnKchycMLvXJupRmwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPuNOzefaCb38IAiK0knlko&google_cver=1
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPuNOzefaCb38IAiK0knlko&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYsJKxygEwAQ&v=APEucNWtNZl3Jw7alnyoA5bXGu5c8Wd9bjIj7gFAVJvavIC6tOo70uM4SMmnmhSdaY1qcODruVKmNQgAXwWzKRyqobPKokoXgZ6QKGmlnEmCHZ83v8sIkiE28X-kq-xvw6Nz3t4AQ-w-PjxDIO-Oo8RDswW6QgbhdrTNlqAH_iOSf7wtgBeSAAA
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 16 May 2022 04:49:48 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPuNOzefaCb38IAiK0knlko&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 2973
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEII4EUkVoaLiH13ajkTppl0&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEII4EUkVoaLiH13ajkTppl0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYsJKxygEwAQ&v=APEucNWtNZl3Jw7alnyoA5bXGu5c8Wd9bjIj7gFAVJvavIC6tOo70uM4SMmnmhSdaY1qcODruVKmNQgAXwWzKRyqobPKokoXgZ6QKGmlnEmCHZ83v8sIkiE28X-kq-xvw6Nz3t4AQ-w-PjxDIO-Oo8RDswW6QgbhdrTNlqAH_iOSf7wtgBeSAAA
Protocol
HTTP/1.1
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:48 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4d40944f-315e-4403-88bb-172d07c9f2af
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEII4EUkVoaLiH13ajkTppl0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2973
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM0NDgxMDYxMjE5MjgxOTM5Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM0NDgxMDYxMjE5MjgxOTM5Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYsJKxygEwAQ&v=APEucNWtNZl3Jw7alnyoA5bXGu5c8Wd9bjIj7gFAVJvavIC6tOo70uM4SMmnmhSdaY1qcODruVKmNQgAXwWzKRyqobPKokoXgZ6QKGmlnEmCHZ83v8sIkiE28X-kq-xvw6Nz3t4AQ-w-PjxDIO-Oo8RDswW6QgbhdrTNlqAH_iOSf7wtgBeSAAA
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:48 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1d705f54-d0f3-4854-8758-85ee0ce33459
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM0NDgxMDYxMjE5MjgxOTM5Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 866E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEI0xeRCYCoceAk6tIKfCdss&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEI0xeRCYCoceAk6tIKfCdss&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDFue6pAhidxsjDATAB&v=APEucNU01KZ4ReOmf3OwSy2djg6036HJFSWbG5AI8NfbaQfFfDNQKQrGj2sGIP8pYDBC76sl_C8ThUEA-xfD7KPUuCfwav4p1ndW6yUwfbhcIkj3TVtlO9LDeCB5JvwC2PuADHP1pcaYNskHXaIrQPh4Ad1rGCAk7-0MqKgSU5vJNP9a4etK8To
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:48 GMT
via
1.1 google
server
OXGW/18.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEI0xeRCYCoceAk6tIKfCdss&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 866E 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDFue6pAhidxsjDATAB&v=APEucNU01KZ4ReOmf3OwSy2djg6036HJFSWbG5AI8NfbaQfFfDNQKQrGj2sGIP8pYDBC76sl_C8ThUEA-xfD7KPUuCfwav4p1ndW6yUwfbhcIkj3TVtlO9LDeCB5JvwC2PuADHP1pcaYNskHXaIrQPh4Ad1rGCAk7-0MqKgSU5vJNP9a4etK8To
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:48 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 866E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESECQoqrXdX4-0m4D6AJD2L6c&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESECQoqrXdX4-0m4D6AJD2L6c&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDFue6pAhidxsjDATAB&v=APEucNU01KZ4ReOmf3OwSy2djg6036HJFSWbG5AI8NfbaQfFfDNQKQrGj2sGIP8pYDBC76sl_C8ThUEA-xfD7KPUuCfwav4p1ndW6yUwfbhcIkj3TVtlO9LDeCB5JvwC2PuADHP1pcaYNskHXaIrQPh4Ad1rGCAk7-0MqKgSU5vJNP9a4etK8To
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:48 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 16 May 2022 04:49:48 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESECQoqrXdX4-0m4D6AJD2L6c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 866E 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDFue6pAhidxsjDATAB&v=APEucNU01KZ4ReOmf3OwSy2djg6036HJFSWbG5AI8NfbaQfFfDNQKQrGj2sGIP8pYDBC76sl_C8ThUEA-xfD7KPUuCfwav4p1ndW6yUwfbhcIkj3TVtlO9LDeCB5JvwC2PuADHP1pcaYNskHXaIrQPh4Ad1rGCAk7-0MqKgSU5vJNP9a4etK8To
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:48 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 16 May 2022 04:49:48 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C118 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AhzOtlOYs-ZsrbGJRtG0CdkIg2DQEwMKlcOtV5LarNWuPFHJrqJM2Q_pmi8KqR32UaEuC20dRfwJRzsJymiI6XrmHqyOctIhxmYOQ9Ion7gJY-nFdpUZ0BBv0y7mHGt5gf--lZiLqj17H0qsIQ7x45Y0AC1w&cry=1&dbm_d=AKAmf-AMlhj-jMQgIAJXFD55VIhT92mWIMX3_lr2prof52_SF1WU8cAfnUsC4Nwsd_bwpd-p4eUnKBYVZBcCuuTyqAH-sS0PN_hVupVmuqYVackCKwfs0Uy9h3YvFtmpS0AVwVFfMSaYZlkWZdXqHN_RrjB5O0dcN7elF0sqdseEIzhJLewbLl2WXKRKcIFW6Ex9GInxAllY2P5bY4PghpboTjl8R2sMeraxEphnWnrFqlDUwbr9SgeyYu8BizXNHQIdcE9oGukV3bAIfSB6pC9hPnuPumhrla0yAkS9py_c4rM1Vi0d8D6KIOpJ8ww9bzqNLFb7DIZBSkHJiEWEowIzumc5bBP2F1mCvFeb66Cks2agiqVyFa2HBFxObeqbrOE58Sl0Xy7TCPFc6223KGluaVM9TNB38snxjvhT_6mYdpO3XsWGxiEZZOa6TU_xz7pHLKrcWAhLqlQedo7MmFQ4pTMwRKIOzJ7DCkTr-wLojCHW6XCsMEgLVdlOVyu020daWg-RedAEb52WwNqwnxgeYxQKxN307qHOVS53bJiDzLBpI6qnqcqmT1zDmVEysDwPZaebdafxKysIgCikL6QUiVP5ACeXlYsHS4C2YT-H28uOKXqVbVYkfU5JuD9nLSoLhbAVNdKlB5VDDamlX1s9nLNo-q7TCRCEUHlfHgQbBCtVIAzLRG1Vnd4cnTL_CojbTVxRf2ftu7wSRwcM7ErJqx1shiDEZ7cIakOzU-uqofcE6DywTPg2aglFvfxYW_TuD3NFkYKVyUkrv7s-V-24Pgz8v7WvcU8-Ceq4cI-sSPwocpG3PocehK7r42fllop3i5hQXuAtebhYOW78XwwA4z2hgq6s-5eS3Kq_yBnZFXd5-uWY7-49thMNtdXXortOGjOWQPXVzU_9mg7DGjDqSIxd7OWfieldgVbyHtLthlDS3KUpZFA9W52zQfc9Nsk9Bp3ahmLDxRLV0OHihokIFG0xS9geGK0Dg3uSFLcdOt8FQy2C5L_NckamBW-ykeOzmUlGc4IpnCroO14MmcCKaXZokZNil0OsVmWwxYHzXkp1QRRkQhJK5jwXfAV5MzF9ASnS7tV9FnqjOSccjhGgboC3LB6rZPHce75hz2oSY9jbEXby4InYM-QQZWew4dHCGV_4inlgeTUNrdZ5N0xj8syaY0s4bjOtEl0OZW9ZoGap18JzpDJb9j6yaR1W5JofxDloVkrimAJVCVAJZ13wyl1iKzAAstC9Tp--Xgf1UP9JlcoygngkNs6e_BxX2Vi1ANijya1aATWi1TIu4KZN7CXgTsNngVK2YFiiN0sJ6IAp1mj5PcOOxr_DJrAptKwJrvQnuUjZ3NukUGOOPOGpYaeOb60AFZM0_j5w_Y6SGxMqmDlKIxqUXlHmlLs7g62RwrVG_kiJatVDYZERq34KkVrMLcbLWwYUxTB3U2ewAN_DMF_NcwTqKeYOMHFk7lA7CvBZTICi_46lsyRmOpbIZ49fbDPNf6JbZt6HBVZqQDS1DyKffSdvdqGgyl_DvymvXTBvNnCWnBui9VIeeLXVMf6pbupupsqrxQBmD1Xt46aYd2Fy7bz_b0ZXwkkm_UWUajC2nKwLc04RCKprjiBLS2jmBZObi6rzdab-CarCMJqhE9FE7iKxkprtyyN2RpFYwSNX7C36QBR_mXfJcy_xQepLaAjaJDESpIXKxitFmN8Z-pFHk_1tbhgFuQ4vK3mVlocW__ljV0bF837ER89diciomjkoBqXkPBn7-6YPiMzlh2KGofgUevA8fzmPvRewZQyIMyTXvq7dZ60OKRw2fUxoiaHb-r8BcxRT8UGx-ptyJWhr_-BaPsKsauxBhMW3ARxlSZFEjkVVkNfsLPxcmge-M2aEHajTEKIbpZLiJbqQX400TYUgYRq-H1B6Glm_9Pie7dyXRCR8VTGXJ8cZ20EF0qGUzL5YxJrrLLEWJnu9v-j1AHk1l0YhAiOzGoff5w1f0foRDpV2TtTKRYAEyZuuXA_ougWe7HU1WEME3fIwKX2eohty6IV0xtA_SSFubAlQYy9v9gWyiynmAfj1Anh-uuUcZWxSlpT0qQEYo9lQX6kKFnOsTPdFtcg2XhIH6LVX_bX7A-WaL2ZO0ksqw2_uQKfjnfjjVH9v188hrmkGQFPyqm0p9_HvlfwMIuOLwpJIVtPjJcDGaA-dv5WvFKdEwOfHjhCM7rMv8JeO7xxB8WNC6UFj8thvGj0YzaIuc27ZGRFk3oS3gEMsmJYvWeZtZ3sk1yzmUwsxN2hcphwSG6DHsoxMgUZ0r7s1NqtOaNkkaQ868nsq9S5WuugIv4ayAkE2Hn5KJMlxtWvNOcCyud9Zf8o9qxSFsnvgjtK2mW4iU_yJE4NdSzWav6cTJxW6DdprG8OisKvPoNi302rBGrSixRlqA16rxJ3RvhB_aeQ0T2l2xBUWVUelVuujy0RPvaZK5rJ3mfW1vmIR1t7S-p5ukA65kg9s0BGL37RZ1mj-TB8po7hd8mGFdQlPBI9LCc84QEur4mq8BnWZ6QLYYLXuP0LHn9zMwaDDcXhJhQlj2t2LKXJbo0myunS9wYyJgGgbHQPaOURMvB2-Z8rJlC6raGEWOhTQ1NvBUMu5gxTrHvl4VCp_Je0SZbcfM2uXGvdg47_HQj08CQOXpJjJ84P4cJuwpBj82eq1rc_h-kMU3rp1bG-J1fFuELrR3XJPYijfLgijrt-xTB_eAoWi473RImDnNeAfimUmO_4k4cVDJAK2r2eeHNBHj9H0hzKvW0skf6fp70xGe_gyk5xsdpoDlLfzqtnB-xKuBvR0WDLumHTpq3UMrJvJGYvwSlpfZAGjzcZmr8yC-EN8VwYlXemrHCAqjMoUCfpJVHgNG_qZDm4WAXFzDX3OOp7qkshRbXTNus0LR0JimSPeXHXwdxid17MYTg9gbGDcGNWMq4VUmCm_imASFqvEh8QSuAZHrO4CmM_BRiPL41nK90sfVnnLj3ped1RZYoAMMWedn8DD-cNleFxOvXtGD8irVWPJWGIiRmt9ZEEsAJJaH3AskiVTYu4gHtyprZbCk1SfB7YcUJA8t5hFU0551ZCCSlBakG-wWYG3KazfNKcSrG0UPaSOYCl3f1hiM-6gOJVdJGQUV5mpZdYlO9cKRMkPflXwoFpO4ndoA6CH4AjS1aY50GRJ9zW503Do8kq-s_1cNcI9UEM3uo7BhMVbxh2qXDoUZtKIdIuouJ0-YN2GRQo3zRUO843Z85KT18s_cC_OC2L8DkWPg_F4lEkhn4uXvGiWY_i2UG0tUhBYlEo3ngX2aKza2Re7gmwNPB650aUOq3Qbf5hu5wTJLQybPTRTHCWIRmpWon69r8Kr8gJKviGzw57w8QL7D6CcsmJA7Chxlw85J5jsFfq5OzyxfQoAe8Us_PqD1WxF0O5Kzw004VEsV2lQJQUfQqaKoOcCXwx-3DGJD9mG-8Xk2f7ZJGPZ2hN6bcyp3JF7UbltAFhrNABgyI9th6_losLH3gUIkSetu32lkBjjtrLeH_m4gfpDN2x8kb9h4MKaDzoYoG0g1Je8tYSQjoO535NiKwdN54yQe0caVTX_IpyqwbgrXaDBltZkdUrsn6-pMIoL3EjqUp7DKLEc6_Ci_E-V7Cz4tyjALQ7lLEQd&cid=CAASEuRop17jxul3w6_7yIPjq8WlpQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:40:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47375
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 May 2023 15:40:13 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 892B 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:40:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47376
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 16 May 2022 15:40:12 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame 892B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAGq9FFAJu7tJTp76p4B9MmxBJG2UJTDEoAa_paBl9kGP5NPCkwHo1hv-WODZY6UuOWxYpV_bkGNggBvAbNcIqYsHUnvqLQ8WXzmMofcsfSY8LxsfW36qeghC3pBw4LDdglxy6ujm1G0ERdDzxzh38zyhp7Q&dbm_d=AKAmf-BvBkhb3M3GR7cL8fb2jyxHvO1LoHpQ8kBO1wU0bI1cnqia3OS4XqQZLKp5GHEXeuvzIGvn32j1sS1zYtbZIG1GR_uPyS4NPUiql4xY-vLRyQidLHMIIsgk_plg6JR9o3nYYuYg-VxWnR9_h9tSrcQ9xF7RgtTcA0TiRMLOq4qP_UpPad6GKItln3PqTW8Xt5atPR_CEZZG220FIBdqrlPa1V9wtA9RsV8Jd4IMtwZvMQPiqC6sOIxYMOm2DgiLXxQuJGZcrfCdZ8g1hR-5NDwyicKXbtGTKvgFawCOe_HUj_XG5MkkXZfq_3jJBhlqJ9g67oxc2Vlx6sTHVEdRxYtB96yDL3t6RNuBSOFZ9BMlfqP26cUJD9mBjZt_sMCfGuMfKEE5BtFpM2eTw-9_wjGgFZCvoawudvq4JJdFblqjPXVIyu-9CvxGVtxg2Dq2JBPX7Ffkd9cnevJJDi80LudGZWVGcros5UmiP6XymJ1kDNNAR8RLdNNNnXV4iyK9paRYCEarCysN1PaWkv-3_XBLYsEJ4-DmiadzxZUzwN-8GqOVWhjGtQadaHXFwN2hpL9R0FHLvTYXkrLbVaP-OPe1UBgTLMOdJPfYgWFRgu5vTRFcgiI2XVAXCvFqc4YhFcyXY-sHCsmy3HEJ_U33JSULDTC1HMBXRdkXO4ZfHS0sMeTKd3cvzg705iDZAHtyV__OhyhzF97IGcVGGluU99GG8mOFWE1E7Pyd3rcWBqO4pm0fmWwmE-lZdxgRQSiV7wxCb4Rw56v_JkfsU2QQo6thR4-SL3W31qQdkdgy246BL7vNjQaIcYFaq5SJce6Z-8fanT13TVQssZNZe73RMS3RA1cuLV9Mr9qE07oddlmCKpJlMZs1OaS3qTTi81M8tfFBXCrJl6vnnNvEpPTS0Pjz-ppX0pyst4eaSni1oCFyc4z34K_DfB1ibdru16OvaPF6FobyU-mHY7tYyc50d5Wh0mJW6wtxZj7f0q3m_44nmmcq-VIKfz3qn3RCz2QppF0J2KkWwv5RTRfGnNhzWTUXj_RjxeG-_tk4K6XMRmzdTZ8OyBR04cZeTSWyzljQ9nzNJHL6W8LUnzhV8dHQDFgarDErTeFSokcJIh3qN-XzSivROhNiryZmCq08iAxccpVLSnRpAbEB8dhLgWLIpPNW7bXotwn1EEHcaAsVYjxzp8uP0HJe_WRjFxX-2DZ1ADG1eSaFuBybW7xwiBBKuThu846E1MFXs4bc81RpWd66yf7i2FhOvEKnjmZF2BI_OIP8LWa1-7gDIoOH8extB-aCizt7DfcAB1MccMLB85PaY2CZVAapa7FlSo520w7PMGq1pqxfABRlnb5MVPgAeF16-pWi7I72tZKG8NOLAWmd73HnJoBxIhpFDc4i0LlrcIBSoIahVmjgvoy4GpKze-wr6JrV0WZTZvfHXm1He0yaAMsDtvtKIljQCoe3kbXchzgub7-3gHlPemM15s46QZQ-mQzcGHNyrECrX-qpvVea5qwaDB5PFy-IQFcKM6wDvS6Mq_L3KX_2L0bn5BIalG1Ebfods_e-J0Iuy-Z9a9Mii5_RW3K8_OkuvElgjHl0AZX-ouys1ubd0NUXcjcUehHBtqi3Sp5tU6WEvmUe8eVuo_QgvaLnCXF1lPiaK7Jrji5rwK9X386YmLjolFTLdb-5vMCgvTCbD2hACSz3sAjCnnY6DJJD0d8H25J3JAcP56dKKZFjr6VV47whEp5S-N2QhtZFTqn9YngI8sRAdAm1EHl-gyTDEWF00vWfda-s8536ZjQdhzcr2nOL9FmDPJtZ2V0S0NeFZRdyrrBbi2waZJlJ9EYcTIwnbhweESTld7l_k5wCAJqeSBCp2-Ur75xPI3A0FJEh9RUY7Ukyu5--io-gDfZXKejLt-i12TZo04SyJQisdgqRqluldiH_BPRfa2DL9Yh2om98QJjCZbJnpeaNixjepImo0tU_PtGq7XBEsrh2Vsdctoej0B-t3qWtTavRPcKVot7WqTzezcgRpZP6iG0MnKVzrVZ5EzgKORLRRBwVuGQmMgJTCTUSl9TaWWGr2lYasLBG-f_RcX-E2fWXH4DQ4MGGsbcr3NSCK1GnpXP1el-PzWbgdueS00T_Lph_KaKmFUJoUYeaKAaD6htHYOHJuGTDeWf7lpYKd9QCJuCu3lG-a2wWRTvaKHZbotgZXgHhy8eL0Jx0UoVMXuVyFUq2Lmsm3IdDH3mY-VOluy5jc8abl-F0G9cWnB3CWlqqsX4RaDCGcclSQjZ4b3j3LifMob7ZnMKjwXZwps49UBjT5JzSBqJG-Fnw-pCGKlsZQbYzTfMtejcAVJQvG_Rw2ushBYxcAL5frjhVd788bWU7Sl32SARlLA7FPRcXdYQFJxNGb3S7Kk7fE-01WMiHXk6BNa8r8ZqSbnDuV_Pwe0rixKSvPjzlbWDA8TrgrwIKKPdVFvAUodMRDevEsD7YJvNt8AjM-EiKeExmhg4OmnbCJO1gocJ-Z6Ekgpn6Vzgs0Gc-_hMRvuK9KPjr1zEHgUt8DZKZcfUNDzyV75Xo4ZD210ZSa7tnMA53_HWGdpIGNwElUJUYF50f4Vw8yKXWuSp_Eh1eUVV6uhEuEYUf1juz8uZOK_kOW4COeP2N_CTXbngR9x8Hux0L3sl9RT2JOx5BKZe8bpA-nw7Y7pl1WR1tEgkj7OKOgrs-GCMZfG8uVlVgMeSqWMpTn-Z5YX1FT8syBmYUT2pcS7nY-FjToQDRpGyBgYaPegrGHIjFRlOjfDrl2q5tMP-V0BTcGPrOSbPzAgg3FNPZsc7Y4K67NaSO2Cfc3mrPUQlD9CsmlJfm8PQsEnSpSyiHhKnMLMOVdxN5tKOuJCXzVkhk9Hb4_hstMQOOzTsKKG7aE05LLcFq-uKi-7A2EDZ4Iipqr-Xe8VWuYXVnecaEfxrFC2cr8TrcZx5lOV27IjKYZDNn8thrs0V-hHl1O_3_S-PYTvndZftbkMTCibTjQJH4TautuWBe3W-FjSJqOKwDaXoCYWfrWw&cid=CAASEuRo_8L89W06ZIyE4IThcGIRiQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:45:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 04:45:56 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 892B 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAGq9FFAJu7tJTp76p4B9MmxBJG2UJTDEoAa_paBl9kGP5NPCkwHo1hv-WODZY6UuOWxYpV_bkGNggBvAbNcIqYsHUnvqLQ8WXzmMofcsfSY8LxsfW36qeghC3pBw4LDdglxy6ujm1G0ERdDzxzh38zyhp7Q&dbm_d=AKAmf-BvBkhb3M3GR7cL8fb2jyxHvO1LoHpQ8kBO1wU0bI1cnqia3OS4XqQZLKp5GHEXeuvzIGvn32j1sS1zYtbZIG1GR_uPyS4NPUiql4xY-vLRyQidLHMIIsgk_plg6JR9o3nYYuYg-VxWnR9_h9tSrcQ9xF7RgtTcA0TiRMLOq4qP_UpPad6GKItln3PqTW8Xt5atPR_CEZZG220FIBdqrlPa1V9wtA9RsV8Jd4IMtwZvMQPiqC6sOIxYMOm2DgiLXxQuJGZcrfCdZ8g1hR-5NDwyicKXbtGTKvgFawCOe_HUj_XG5MkkXZfq_3jJBhlqJ9g67oxc2Vlx6sTHVEdRxYtB96yDL3t6RNuBSOFZ9BMlfqP26cUJD9mBjZt_sMCfGuMfKEE5BtFpM2eTw-9_wjGgFZCvoawudvq4JJdFblqjPXVIyu-9CvxGVtxg2Dq2JBPX7Ffkd9cnevJJDi80LudGZWVGcros5UmiP6XymJ1kDNNAR8RLdNNNnXV4iyK9paRYCEarCysN1PaWkv-3_XBLYsEJ4-DmiadzxZUzwN-8GqOVWhjGtQadaHXFwN2hpL9R0FHLvTYXkrLbVaP-OPe1UBgTLMOdJPfYgWFRgu5vTRFcgiI2XVAXCvFqc4YhFcyXY-sHCsmy3HEJ_U33JSULDTC1HMBXRdkXO4ZfHS0sMeTKd3cvzg705iDZAHtyV__OhyhzF97IGcVGGluU99GG8mOFWE1E7Pyd3rcWBqO4pm0fmWwmE-lZdxgRQSiV7wxCb4Rw56v_JkfsU2QQo6thR4-SL3W31qQdkdgy246BL7vNjQaIcYFaq5SJce6Z-8fanT13TVQssZNZe73RMS3RA1cuLV9Mr9qE07oddlmCKpJlMZs1OaS3qTTi81M8tfFBXCrJl6vnnNvEpPTS0Pjz-ppX0pyst4eaSni1oCFyc4z34K_DfB1ibdru16OvaPF6FobyU-mHY7tYyc50d5Wh0mJW6wtxZj7f0q3m_44nmmcq-VIKfz3qn3RCz2QppF0J2KkWwv5RTRfGnNhzWTUXj_RjxeG-_tk4K6XMRmzdTZ8OyBR04cZeTSWyzljQ9nzNJHL6W8LUnzhV8dHQDFgarDErTeFSokcJIh3qN-XzSivROhNiryZmCq08iAxccpVLSnRpAbEB8dhLgWLIpPNW7bXotwn1EEHcaAsVYjxzp8uP0HJe_WRjFxX-2DZ1ADG1eSaFuBybW7xwiBBKuThu846E1MFXs4bc81RpWd66yf7i2FhOvEKnjmZF2BI_OIP8LWa1-7gDIoOH8extB-aCizt7DfcAB1MccMLB85PaY2CZVAapa7FlSo520w7PMGq1pqxfABRlnb5MVPgAeF16-pWi7I72tZKG8NOLAWmd73HnJoBxIhpFDc4i0LlrcIBSoIahVmjgvoy4GpKze-wr6JrV0WZTZvfHXm1He0yaAMsDtvtKIljQCoe3kbXchzgub7-3gHlPemM15s46QZQ-mQzcGHNyrECrX-qpvVea5qwaDB5PFy-IQFcKM6wDvS6Mq_L3KX_2L0bn5BIalG1Ebfods_e-J0Iuy-Z9a9Mii5_RW3K8_OkuvElgjHl0AZX-ouys1ubd0NUXcjcUehHBtqi3Sp5tU6WEvmUe8eVuo_QgvaLnCXF1lPiaK7Jrji5rwK9X386YmLjolFTLdb-5vMCgvTCbD2hACSz3sAjCnnY6DJJD0d8H25J3JAcP56dKKZFjr6VV47whEp5S-N2QhtZFTqn9YngI8sRAdAm1EHl-gyTDEWF00vWfda-s8536ZjQdhzcr2nOL9FmDPJtZ2V0S0NeFZRdyrrBbi2waZJlJ9EYcTIwnbhweESTld7l_k5wCAJqeSBCp2-Ur75xPI3A0FJEh9RUY7Ukyu5--io-gDfZXKejLt-i12TZo04SyJQisdgqRqluldiH_BPRfa2DL9Yh2om98QJjCZbJnpeaNixjepImo0tU_PtGq7XBEsrh2Vsdctoej0B-t3qWtTavRPcKVot7WqTzezcgRpZP6iG0MnKVzrVZ5EzgKORLRRBwVuGQmMgJTCTUSl9TaWWGr2lYasLBG-f_RcX-E2fWXH4DQ4MGGsbcr3NSCK1GnpXP1el-PzWbgdueS00T_Lph_KaKmFUJoUYeaKAaD6htHYOHJuGTDeWf7lpYKd9QCJuCu3lG-a2wWRTvaKHZbotgZXgHhy8eL0Jx0UoVMXuVyFUq2Lmsm3IdDH3mY-VOluy5jc8abl-F0G9cWnB3CWlqqsX4RaDCGcclSQjZ4b3j3LifMob7ZnMKjwXZwps49UBjT5JzSBqJG-Fnw-pCGKlsZQbYzTfMtejcAVJQvG_Rw2ushBYxcAL5frjhVd788bWU7Sl32SARlLA7FPRcXdYQFJxNGb3S7Kk7fE-01WMiHXk6BNa8r8ZqSbnDuV_Pwe0rixKSvPjzlbWDA8TrgrwIKKPdVFvAUodMRDevEsD7YJvNt8AjM-EiKeExmhg4OmnbCJO1gocJ-Z6Ekgpn6Vzgs0Gc-_hMRvuK9KPjr1zEHgUt8DZKZcfUNDzyV75Xo4ZD210ZSa7tnMA53_HWGdpIGNwElUJUYF50f4Vw8yKXWuSp_Eh1eUVV6uhEuEYUf1juz8uZOK_kOW4COeP2N_CTXbngR9x8Hux0L3sl9RT2JOx5BKZe8bpA-nw7Y7pl1WR1tEgkj7OKOgrs-GCMZfG8uVlVgMeSqWMpTn-Z5YX1FT8syBmYUT2pcS7nY-FjToQDRpGyBgYaPegrGHIjFRlOjfDrl2q5tMP-V0BTcGPrOSbPzAgg3FNPZsc7Y4K67NaSO2Cfc3mrPUQlD9CsmlJfm8PQsEnSpSyiHhKnMLMOVdxN5tKOuJCXzVkhk9Hb4_hstMQOOzTsKKG7aE05LLcFq-uKi-7A2EDZ4Iipqr-Xe8VWuYXVnecaEfxrFC2cr8TrcZx5lOV27IjKYZDNn8thrs0V-hHl1O_3_S-PYTvndZftbkMTCibTjQJH4TautuWBe3W-FjSJqOKwDaXoCYWfrWw&cid=CAASEuRo_8L89W06ZIyE4IThcGIRiQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9773
x-xss-protection
0
server
cafe
etag
14407402762925951128
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 04:49:32 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 2CD0 		98 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F8df72cd3-96af-4a19-bb21-7be5baa62b32%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg4LCJzaG93X2lkIjoiOGRmNzJjZDMtOTZhZi00YTE5LWJiMjEtN2JlNWJhYTYyYjMyIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D54ffca70dc04904b04f523f5caeea8aa&showId=8df72cd3-96af-4a19-bb21-7be5baa62b32&apuid=994efe04-d65e-470d-805e-cbccac7770d7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
82771e4d6525355863d5aaca06c8b9733b54be3d18a9e1cbcab4a19df0a6d9ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36257
x-xss-protection
0
server
cafe
etag
14497036485694544980
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 16 May 2022 04:49:48 GMT
userconnect
ih.adscale.de/ Frame D8C2 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1652676588409&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.192.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-192-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
content-length
149
content-type
application/javascript
s
googleads.g.doubleclick.net/pagead/drt/ Frame 6984 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=600&slotname=adpartner_zdorovia.com.ua_160x600_br_2&adk=4043599776&adf=1045958785&pi=t.ma~as.adpartner_zdorovia._&w=160&lmt=1638531503&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2156640030855472%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fbca0a493-1a2c-4e8f-8b0a-59f644495689%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D486e82fc55875f6ef7eba2b7e6177931&wgl=1&dt=1652676587405&bpp=3&bdt=278&idt=468&shv=r20220511&mjsv=m202205120101&ptt=5&saldr=sa&prev_slotnames=adpartner_zdorovia.com.ua_160x600_br_1&correlator=1535374352917&frm=22&ife=1&pv=1&ga_vid=883222644.1652676588&ga_sid=1652676588&ga_hid=1411087344&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=476710922&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067585%2C31067419&oid=2&pvsid=2808109351545938&pem=84&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.6i1u7n1h3s4w&fsb=1&xpc=2Q20IaPrbo&p=https%3A//file.adpartner.pro&dtd=476
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=600&slotname=adpartner_zdorovia.com.ua_160x600_br_2&adk=4043599776&adf=1045958785&pi=t.ma~as.adpartner_zdorovia._&w=160&lmt=1638531503&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2156640030855472%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fbca0a493-1a2c-4e8f-8b0a-59f644495689%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D486e82fc55875f6ef7eba2b7e6177931&wgl=1&dt=1652676587405&bpp=3&bdt=278&idt=468&shv=r20220511&mjsv=m202205120101&ptt=5&saldr=sa&prev_slotnames=adpartner_zdorovia.com.ua_160x600_br_1&correlator=1535374352917&frm=22&ife=1&pv=1&ga_vid=883222644.1652676588&ga_sid=1652676588&ga_hid=1411087344&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=476710922&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067585%2C31067419&oid=2&pvsid=2808109351545938&pem=84&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.6i1u7n1h3s4w&fsb=1&xpc=2Q20IaPrbo&p=https%3A//file.adpartner.pro&dtd=476
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
2521
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Mon, 16 May 2022 04:07:47 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
zdorovia.com.ua_970x250_ruslan.html
file.adpartner.pro/2085/2085828/ Frame B421 		702 B
601 B 		Document
General
Check archive.org
Download Go to
Full URL
https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2Fa881dbe0-f2af-4ae0-8864-0bb07b6a57f0%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg4LCJzaG93X2lkIjoiYTg4MWRiZTAtZjJhZi00YWUwLTg4NjQtMGJiMDdiNmE1N2YwIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Dd59b5e85cf6ca97c6eb734b14d9d184a&showId=a881dbe0-f2af-4ae0-8864-0bb07b6a57f0&apuid=994efe04-d65e-470d-805e-cbccac7770d7
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.423
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
316e3dc1c04794cf25da0c0373a95b0c87fa59b9d234ac5d17e1710c159e42c6

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Mon, 16 May 2022 04:49:48 GMT
etag
W/"6151a891-2be"
last-modified
Mon, 27 Sep 2021 11:18:41 GMT
server
nginx
if
a4p.adpartner.pro/tracker/ Frame CA4D 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522994efe04-d65e-470d-805e-cbccac7770d7%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522a881dbe0-f2af-4ae0-8864-0bb07b6a57f0%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522a881dbe0-f2af-4ae0-8864-0bb07b6a57f0%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Mon, 16 May 2022 04:49:48 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame C316 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522994efe04-d65e-470d-805e-cbccac7770d7%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522a881dbe0-f2af-4ae0-8864-0bb07b6a57f0%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522a881dbe0-f2af-4ae0-8864-0bb07b6a57f0%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Mon, 16 May 2022 04:49:48 GMT
expires
0
pragma
no-cache
server
nginx
ptrack
a.audrte.com/ Frame FD01 		368 B
881 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=217.138.196.105&p=M1353665098&artime=2022-05-16T04:49:48.445Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMS81NTQ1M2RlOTdhMTE4Y2U5P3J1aW1kPTEmZHU9aHR0cHMlM0ElMkYlMkZpbnYtbmV0cy5hZG1peGVyLm5ldCUyRmFkeGNtLmFzcHglM0Zzc3AlM0RENTZEQzA5RC1DMzlDLTRCRDYtQkQ3My0wM0NBQjREQTlDNTAlMjZpZCUzRCUyNFVJRA==&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=emRvcm92aWEuY29tLnVhLw==
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.149.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-149-243.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
bd9063283366a0cfec62ccc561902b293f53a490fd8a69eca7c3dab5c0f02a34

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:48 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 074D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
47375
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 15:40:13 GMT
expires
Mon, 15 May 2023 15:40:13 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 892B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1652676587&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1652676587486&bpp=3&bdt=383&idt=332&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=600936410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531549%2C44761043%2C31067544&oid=2&pvsid=904108839873201&pem=550&tmod=454237783&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.rx77fngd0mf9&fsb=1&dtd=346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:40:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47375
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 May 2023 15:40:13 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 454F 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1652676587&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1652676587486&bpp=3&bdt=383&idt=332&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=600936410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531549%2C44761043%2C31067544&oid=2&pvsid=904108839873201&pem=550&tmod=454237783&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.rx77fngd0mf9&fsb=1&dtd=346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
82564
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 05:53:44 GMT
etag
48472445140208031
expires
Mon, 16 May 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1D02
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=600&slotname=adpartner_zdorovia.com.ua_160x600_br_1&adk=2150435033&adf=2429112158&pi=t.ma~as.adpartner_zdorovia._&w=160&lmt=1638531503&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2156640030855472%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fbca0a493-1a2c-4e8f-8b0a-59f644495689%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D486e82fc55875f6ef7eba2b7e6177931&wgl=1&dt=1652676587370&bpp=13&bdt=243&idt=419&shv=r20220511&mjsv=m202205120101&ptt=5&saldr=sa&correlator=1535374352917&frm=22&ife=1&pv=2&ga_vid=883222644.1652676588&ga_sid=1652676588&ga_hid=1411087344&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=476710922&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067585%2C31067419&oid=2&pvsid=2808109351545938&pem=84&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.x8z9yepno39q&fsb=1&xpc=hSQ3CGx1w3&p=https%3A//file.adpartner.pro&dtd=436
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 16 May 2022 04:49:48 GMT
expires
Mon, 16 May 2022 04:49:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 16 May 2022 04:49:48 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
map
ih.adscale.de/ Frame 23FE 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.192.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-192-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d4835c42ac9bc594b5c9ae153cf67918d767358e1864dc08d005a0b60a79142a

Request headers

Referer
https://js.adscale.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
2792
content-type
text/html;charset=ISO-8859-1
date
Mon, 16 May 2022 04:49:48 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/ Frame 2CD0 		308 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6357157020881797&plah=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4bbc35bcf5df4d9269bfd011b3c6565d6d5e7bec9e0b4bba67efd77d09035184
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112603
x-xss-protection
0
server
cafe
etag
10266620147711546653
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 16 May 2022 04:49:48 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame C118
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/970282/61278885/dcm/dcmads.js?adsafe_url=http%3A%2F%2Fzdorovia.com.ua&adsafe_type=g&adsafe_url=http%3A%2F%2Fzdorovia.com.ua%2F&adsafe_ty...
  • https://www.googletagservices.com/dcm/dcmads.js
24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H3
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8066520d4f9a10b94ecaab59ccd265803acf8a1c1d1de3769ab889e95a77dd4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 03:50:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3548
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9377
x-xss-protection
0
last-modified
Wed, 11 May 2022 14:39:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 16 May 2022 04:50:40 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:48 GMT
x-server-name
app05.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://www.googletagservices.com/dcm/dcmads.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame E5FB 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 02:32:42 GMT
content-encoding
gzip
age
3550627
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
nbbBFlYOCZtcFlNkbH4XMeEcCYDpjsan5IduQGy5PMdtX-rAUKTTWg==
p
a.audrte.com/ Frame FD01
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3lgGzTh9LMoTqeLEeOjAAfUzw&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3lgGzTh9LMoTqeLEeOjAAfUzw&gdpr=0&gdpr_consent=&google_gid=CAESEPgRzG0uQqZtaLRezPkhtN4&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
52.71.149.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-149-243.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:49 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 16 May 2022 04:49:48 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame FD01 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=3lgGzTh9LMoTqeLEeOjAAfUzw&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:48 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
match
ps.eyeota.net/ Frame FD01
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8624539296363438648
  • https://ps.eyeota.net/match?bid=kh51m51&uid=3lgGzTh9LMoTqeLEeOjAAfUzw&gdpr=0&gdpr_consent=
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=3lgGzTh9LMoTqeLEeOjAAfUzw&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:49 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Mon, 16 May 2022 04:49:48 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=3lgGzTh9LMoTqeLEeOjAAfUzw&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
logcz.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/logcz.aspx?zone=ed2476d6-dc6a-46b4-b1f9-1613392c7015
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 May 2022 04:49:48 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame B421 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2Fa881dbe0-f2af-4ae0-8864-0bb07b6a57f0%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg4LCJzaG93X2lkIjoiYTg4MWRiZTAtZjJhZi00YWUwLTg4NjQtMGJiMDdiNmE1N2YwIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Dd59b5e85cf6ca97c6eb734b14d9d184a&showId=a881dbe0-f2af-4ae0-8864-0bb07b6a57f0&apuid=994efe04-d65e-470d-805e-cbccac7770d7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
149dd6b406978b260d4c59ec9b7a7b816ea104e02f3644becc4e640e7b368f8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39584
x-xss-protection
0
server
cafe
etag
737801330963850129
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 16 May 2022 04:49:48 GMT
truncated
/ Frame 892B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a2725c90a857b1d2093a78ece9e427077d87502a492a8ba40f8a498db4305754

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame C118 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=970282&asId=cf241038-dfaa-c8fb-fbbb-3077749aa256&tv=%7Bc:cKxUQE,pingTime:-3,time:172,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:34%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:172,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B167~0%5D,as:%5B167~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t5YaxA0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c21%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2*.970282-61278885%7C1g21%7C1g22%7C1h11%7C1h12%7C1i1%7C1i2%7C1i3%7C1i4%7C1i5%7C1j1%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1g2*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame C118 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=970282&asId=cf241038-dfaa-c8fb-fbbb-3077749aa256&tv=%7Bc:cKxUQG,pingTime:-6,time:174,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:174,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B168~0%5D,as:%5B168~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t5YaxA0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c21%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2*.970282-61278885%7C1g21%7C1g22%7C1h11%7C1h12%7C1i1%7C1i2%7C1i3%7C1i4%7C1i5%7C1j1%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1g2*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:zdorovia.com.ua%2Czdorovia.com.ua&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 07B8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
34273
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 19:18:35 GMT
expires
Mon, 15 May 2023 19:18:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 82F4 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
aeaaad610062091d2df0f1430457f09e7fb36188e40aaebd1ef5ff78676d38aa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0YufrgxgSIqdAOVtfOe6ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-0YufrgxgSIqdAOVtfOe6ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 04:49:48 GMT
expires
Mon, 16 May 2022 04:49:48 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5E34 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
34273
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 19:18:35 GMT
expires
Mon, 15 May 2023 19:18:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 40FB 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c5b1438769279c2aed720f1c01d3ff77c1850247a1b8813f87e46098216cde73
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uRJ6wCr0YhmZQEsgxkVSSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-uRJ6wCr0YhmZQEsgxkVSSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 04:49:48 GMT
expires
Mon, 16 May 2022 04:49:48 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5624 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
34273
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 19:18:35 GMT
expires
Mon, 15 May 2023 19:18:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8625 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
98cf4363335cf3a6bffdd5f44ba7f6ec0b463f6d5dcab5906512e87f2782d944
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NTcEsrR2dhaUKiCcaBXpiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
510
content-security-policy
script-src 'report-sample' 'nonce-NTcEsrR2dhaUKiCcaBXpiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 04:49:48 GMT
expires
Mon, 16 May 2022 04:49:48 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
match.js
js.adscale.de/ Frame 23FE 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
jIFTBc.033YlxSLb45NaqclVd_VhXnmj
content-encoding
br
last-modified
Thu, 12 May 2022 14:50:05 GMT
server
AmazonS3
age
7175
etag
W/"ff7cce9128150bd82f1a709c03692e3d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Mon, 16 May 2022 02:50:13 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
2ZzopAibKz8zkcT4NVJu3S4s6YBDa5M-VXDCwLtFKEm1cq4H5V0gCQ==
dt
dt.adsafeprotected.com/ Frame C118 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=970282&asId=cf241038-dfaa-c8fb-fbbb-3077749aa256&tv=%7Bc:cKxURF,pingTime:-2,time:235,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:458,mdZ:711,beA:841,beZ:842,mfA:843,cmA:845,inA:845,inZ:848,prA:848,prZ:870,si:876,poA:877,poZ:901,cmZ:901,mfZ:901,loA:1015,loZ:1018,ltA:1075,ltZ:1075%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:34%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:235,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B229~0%5D,as:%5B229~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t5YaxA0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c21%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2*.970282-61278885%7C1g21%7C1g22%7C1h11%7C1h12%7C1i1%7C1i2%7C1i3%7C1i4%7C1i5%7C1j1%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1g2*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,sinceFw:198,readyFired:false%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 318E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
47375
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 15:40:13 GMT
expires
Mon, 15 May 2023 15:40:13 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
iframe.html
p4-glvpu23wciors-idpfrs6p3ci7rs7w-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 78F6 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-glvpu23wciors-idpfrs6p3ci7rs7w-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-glvpu23wciors-idpfrs6p3ci7rs7w-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-glvpu23wciors-idpfrs6p3ci7rs7w-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f99.1e100.net
Software
sffe /
Resource Hash
fe4acd4879f7b0ba454b516714141a530961c843fd84dbe44311314e78cda592
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://p4-glvpu23wciors-idpfrs6p3ci7rs7w-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1862
content-security-policy-report-only
script-src 'nonce-MFyPOr_0iCNMika4jPhb-Q' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 04:49:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Thu, 29 Apr 2021 21:38:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6984
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=600&slotname=adpartner_zdorovia.com.ua_160x600_br_2&adk=4043599776&adf=1045958785&pi=t.ma~as.adpartner_zdorovia._&w=160&lmt=1638531503&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2156640030855472%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fbca0a493-1a2c-4e8f-8b0a-59f644495689%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D486e82fc55875f6ef7eba2b7e6177931&wgl=1&dt=1652676587405&bpp=3&bdt=278&idt=468&shv=r20220511&mjsv=m202205120101&ptt=5&saldr=sa&prev_slotnames=adpartner_zdorovia.com.ua_160x600_br_1&correlator=1535374352917&frm=22&ife=1&pv=1&ga_vid=883222644.1652676588&ga_sid=1652676588&ga_hid=1411087344&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=476710922&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067585%2C31067419&oid=2&pvsid=2808109351545938&pem=84&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.6i1u7n1h3s4w&fsb=1&xpc=2Q20IaPrbo&p=https%3A//file.adpartner.pro&dtd=476
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 16 May 2022 04:49:49 GMT
expires
Mon, 16 May 2022 04:49:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 16 May 2022 04:49:48 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
200x200.html
s0.2mdn.net/sadbundle/3689830131456613378/ Frame D8B6 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3689830131456613378/200x200.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c0319043490791623fd03736c9fcdc4524c333e0382b7e6a49afef77522d75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
308323
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2224
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 15:11:05 GMT
expires
Fri, 12 May 2023 15:11:05 GMT
last-modified
Wed, 11 May 2022 14:55:06 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 892B 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvwIp3Ws2n_pS7cWr-uaaoVyNyTaL67dsOMw0jrPVRo0h8-ts-vgP7M2oPV7bNTJyw2U9JjUHqAFYOJndbE6hK_Qr8m47p3Rw2O-4e6O8foQfEWWChM5v_8SMj7DO2oJwKyqXhK-ocfgdi6yN971YDOHikpRU8CKDPrh_7okP0wed6FFKr-l6JPlzbGIlEUyeBDDYNc5G_VcfSxaBPXWJm4JeCdj6IUpp9kVUpgMyjBSGqCjJNgSME1msJPyrpfECEDNTmtUSfMZUXYlowSCvkd7HC9AEkDDBXcp1SRVFg2RPuXd_01Clx9j6huptDeNvwuwONcaQ91OMJeQGLpGtO_jfLXmzayfMkWNnbnx_o_cHqTE942tVsEbS6_eqEW-4pIqMfZxm1IyuMmWlhFOxLJ80tqF2tWHgwP-sQ3VrdGdqkxDietPX7pDQdKlF_TTmaDgRMY6teGKinDfZTO82Q-YjrpFW1lGric-0b7xqN_3ttb3xbGkIDKZ9M5tCmFOzYtYuAZhMvgaFOFFUM60lhV6jCGB7BUN6CsZay7Uu3BYZqljODiHzrdtmSG4YSzCdNdVl6j1ZOMHvNhFi6e_RsfLpzd_7rdIIrcmoxUm7uhs_znUGoPRWByw1LeTc9CqTK46zx803zCsQTDNki9vgBBUqGXO4xhuJMIT81lCZsQ44hBc2degYH-Dw2Fp9lriBUctMkFkAXa8yP8DX_OG5RUWnsHWZbgoWCdJwdRktyftJr6gOQZB-O3CW0HrlsQ4MY3yzi-wVpl1TkKltNedZPel03ObN8OkSSXmCPQZ2vg_8w6kDiPNsSy7jtr-CdHADSh03Tb5yBp3b2JY0_gPXRHDrrKKq9kszwFt7OrpW86EykgtSRzg_xXusqURFGnEWNUDJLJqCc3y30cuHjJGiqtMovRBbZUwtkOk_Nwq76RuI_luxxYQl9F4BXhzaQSp2PCQGuCuKXqlbUhD5ISGSIa4xT0n0XhyceaMg73EpeyKu5wGKFZyM2oosEj7z2ZYXA7a1V-9h_pjp31OgecGPceeCJKpMIarDDtd899FEPV78ONG8gtkbse8RJwPjFFOzXN24oiXoMYgcrs1vhhBQqglkY9G5nqEAWTS0nohungT0qAsBYtZHwkSuOHNSmKUalZonadX4HmC7nf9Q967oZ4Z8IEW-T09g&sai=AMfl-YSoS6zUMXqRebC-vBuaVC0YAPt20XrOgHDEvXr5AKCKiUBhKlWFMThqbjOiBzFJZzLpVPSG1Srr7n7fgjcYJRuH1HTbTQQCLMOWyGDchmQ4BeDqakqRbIqjxw8llkoqkQmb_cA8MSTG14NJdRsOiope219R9w&sig=Cg0ArKJSzDVK2K6OFGIHEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=488&cbvp=1&cstd=484&cisv=r20220511.59817&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 16 May 2022 04:49:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=27815369;s.a=3213511;p.a=336160545;a.a=528132699;cache=230036174;
ad.atdmt.com/i/ Frame 892B 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 74D9 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DoCfIY1aI9KxGzttNDHMI1Dmusdp-TFA1C_7wd98bmFZ2vwoTlxOnK-BfjBJXYpYl2RNueMk5459zOO80nYopecblzk2a543et2T3hxA8aBLlnGHM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1652676588&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587900&bpp=4&bdt=577&idt=185&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&cookie=ID%3D476014c565d1e2f7-227bf61596cd0099%3AT%3D1652676587%3ART%3D1652676587%3AS%3DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1466241595&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=918&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531557%2C44761044%2C31067584%2C21065725&oid=2&pvsid=2971698416934096&pem=550&tmod=276848470&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.v5qe3w52d1t&fsb=1&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 74D9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1652676588&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587900&bpp=4&bdt=577&idt=185&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&cookie=ID%3D476014c565d1e2f7-227bf61596cd0099%3AT%3D1652676587%3ART%3D1652676587%3AS%3DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1466241595&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=918&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531557%2C44761044%2C31067584%2C21065725&oid=2&pvsid=2971698416934096&pem=550&tmod=276848470&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.v5qe3w52d1t&fsb=1&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 04:49:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 74D9 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1652676588&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587900&bpp=4&bdt=577&idt=185&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&cookie=ID%3D476014c565d1e2f7-227bf61596cd0099%3AT%3D1652676587%3ART%3D1652676587%3AS%3DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1466241595&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=918&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531557%2C44761044%2C31067584%2C21065725&oid=2&pvsid=2971698416934096&pem=550&tmod=276848470&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.v5qe3w52d1t&fsb=1&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 16 May 2022 04:49:49 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 74D9 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1652676588&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587900&bpp=4&bdt=577&idt=185&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&cookie=ID%3D476014c565d1e2f7-227bf61596cd0099%3AT%3D1652676587%3ART%3D1652676587%3AS%3DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1466241595&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=918&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531557%2C44761044%2C31067584%2C21065725&oid=2&pvsid=2971698416934096&pem=550&tmod=276848470&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.v5qe3w52d1t&fsb=1&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:35:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
874
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6412
x-xss-protection
0
server
cafe
etag
1643562372680595834
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 04:35:15 GMT
l
www.google.com/ads/measurement/ Frame 74D9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQaGnmsDcQNzQ026nQAeSc2RC9w3NjUSASfLR1bVyuy2ATYf12ojNRRWBnAMcAP05-k2IC04IBGvMshQbmHrgdf95dZQQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1652676588&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587900&bpp=4&bdt=577&idt=185&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&cookie=ID%3D476014c565d1e2f7-227bf61596cd0099%3AT%3D1652676587%3ART%3D1652676587%3AS%3DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1466241595&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=918&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531557%2C44761044%2C31067584%2C21065725&oid=2&pvsid=2971698416934096&pem=550&tmod=276848470&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.v5qe3w52d1t&fsb=1&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 454F
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENhZHFvJ5AwRjFL-74npNVw&google_cver=1&google_push=AYg5qPJZ6P4BKFrkXiWp9U3umH1cLDLmHwJwoXxmHk-54hEXwzd4yoLAwq...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJZ6P4BKFrkXiWp9U3umH1cLDLmHwJwoXxmHk-54hEXwzd4yoLAwq4hH8jubr4GNPKbiAh4hx6pFMKHyMED0cJCR0OB0GV1&google_hm=YLErkZqdm2hE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJZ6P4BKFrkXiWp9U3umH1cLDLmHwJwoXxmHk-54hEXwzd4yoLAwq4hH8jubr4GNPKbiAh4hx6pFMKHyMED0cJCR0OB0GV1&google_hm=YLErkZqdm2hEB0cVdZBUag
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1652676587&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1652676587486&bpp=3&bdt=383&idt=332&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=600936410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531549%2C44761043%2C31067544&oid=2&pvsid=904108839873201&pem=550&tmod=454237783&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.rx77fngd0mf9&fsb=1&dtd=346
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJZ6P4BKFrkXiWp9U3umH1cLDLmHwJwoXxmHk-54hEXwzd4yoLAwq4hH8jubr4GNPKbiAh4hx6pFMKHyMED0cJCR0OB0GV1&google_hm=YLErkZqdm2hEB0cVdZBUag
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 454F
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLbCjVD...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLbCjVD...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MTYwNDQ5NDkwMDAxNDE4MjE5OTY3NQ%3D%3D&google_push=AYg5qPLbCjVDbvtn6rHhah2LsYqlLSiPtODl3sFOZd60eN22ZPnnpzeBwwLHNWXRvmQhGs...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MTYwNDQ5NDkwMDAxNDE4MjE5OTY3NQ%3D%3D&google_push=AYg5qPLbCjVDbvtn6rHhah2LsYqlLSiPtODl3sFOZd60eN22ZPnnpzeBwwLHNWXRvmQhGsDV-9z9lBSfsnfODw3Fx4wBut9YLs2u
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1652676587&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1652676587486&bpp=3&bdt=383&idt=332&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=600936410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531549%2C44761043%2C31067544&oid=2&pvsid=904108839873201&pem=550&tmod=454237783&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.rx77fngd0mf9&fsb=1&dtd=346
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MTYwNDQ5NDkwMDAxNDE4MjE5OTY3NQ%3D%3D&google_push=AYg5qPLbCjVDbvtn6rHhah2LsYqlLSiPtODl3sFOZd60eN22ZPnnpzeBwwLHNWXRvmQhGsDV-9z9lBSfsnfODw3Fx4wBut9YLs2u
pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Mon, 16 May 2022 04:49:49 GMT
sync
odr.mookie1.com/t/v2/ Frame 454F 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEI-9U48Bi0IrnHvkPrOUloA&google_push=AYg5qPKOdFuo6nmBz2xcVFdwJZJG_UCDBSkQ3SdJLXeRv77z8BRGKs0vX8GEzmDFk04iv__upMUqeyAQIoUO0RXHxrB1nXmF3-lR&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1652676587&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1652676587486&bpp=3&bdt=383&idt=332&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=600936410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531549%2C44761043%2C31067544&oid=2&pvsid=904108839873201&pem=550&tmod=454237783&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.rx77fngd0mf9&fsb=1&dtd=346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:48 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 454F 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEHc14NYZ_ZDHtckqtoVHPRw&google_cver=1&google_push=AYg5qPIl1rODm-jZtO8J_AMW6PfRJMZTzy14sOnKj_pT9cw6MuGxBUFpKqbHgUnJ8DChTL62ECftMeeh3teZOw-Pj1QVMbWiBYjq
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1652676587&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1652676587486&bpp=3&bdt=383&idt=332&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=600936410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531549%2C44761043%2C31067544&oid=2&pvsid=904108839873201&pem=550&tmod=454237783&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.rx77fngd0mf9&fsb=1&dtd=346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:48 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
i5jomj7kva51u4j323eatc7ejchpb0tl
pixel
cm.g.doubleclick.net/ Frame 454F
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qKtskJmaT-O37_u-q_Kq1w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qKtskJmaT-O37_u-q_Kq1w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLWn14yaKofUThLG_HTtEVGh4bbD2JfXXLPPPiLm065gDuTkDSoUkOBAtkoxAm-fy4WIHr0kTKGU5tAkjY9jXvduWnlFKnu
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1652676587&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1652676587486&bpp=3&bdt=383&idt=332&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=600936410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531549%2C44761043%2C31067544&oid=2&pvsid=904108839873201&pem=550&tmod=454237783&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.rx77fngd0mf9&fsb=1&dtd=346
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qKtskJmaT-O37_u-q_Kq1w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLWn14yaKofUThLG_HTtEVGh4bbD2JfXXLPPPiLm065gDuTkDSoUkOBAtkoxAm-fy4WIHr0kTKGU5tAkjY9jXvduWnlFKnu
date
Mon, 16 May 2022 04:49:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 454F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBNcpCb-7WYvq3w24Zm6zzI&google_cver=1&google_push=AYg5qPKwwu31FFk4N-N4GzlwzZ-uid0v5zzqLWAiDrK3AKlQ4A_PtE4C56ERwU-4C0E0FEvVo45...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM4OFlYRTAtMTEtSkUyWg==&google_push=AYg5qPKwwu31FFk4N-N4GzlwzZ-uid0v5zzqLWAiDrK3AKlQ4A_PtE4C56ERwU-4C0E0FEvVo45DjWkwC92C5EzbplW7XCKrzD-U
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM4OFlYRTAtMTEtSkUyWg==&google_push=AYg5qPKwwu31FFk4N-N4GzlwzZ-uid0v5zzqLWAiDrK3AKlQ4A_PtE4C56ERwU-4C0E0FEvVo45DjWkwC92C5EzbplW7XCKrzD-U
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1652676587&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1652676587486&bpp=3&bdt=383&idt=332&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=600936410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531549%2C44761043%2C31067544&oid=2&pvsid=904108839873201&pem=550&tmod=454237783&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.rx77fngd0mf9&fsb=1&dtd=346
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM4OFlYRTAtMTEtSkUyWg==&google_push=AYg5qPKwwu31FFk4N-N4GzlwzZ-uid0v5zzqLWAiDrK3AKlQ4A_PtE4C56ERwU-4C0E0FEvVo45DjWkwC92C5EzbplW7XCKrzD-U
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
pixel
cm.g.doubleclick.net/ Frame 454F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDPEQ6NPVGW4SsGRdLBBvzc&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoHX6pnKchycMLvXJupRmwAAAogAAAIB&google_gid=CAESEDPEQ6NPVGW4SsGRdLBBvzc&google_push=AYg5qPJKn7gqAKo7656CsEhxVTy-7IFfVpFOG9DHDzl2yYgCcNn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoHX6pnKchycMLvXJupRmwAAAogAAAIB&google_gid=CAESEDPEQ6NPVGW4SsGRdLBBvzc&google_push=AYg5qPJKn7gqAKo7656CsEhxVTy-7IFfVpFOG9DHDzl2yYgCcNnlutGlzcXSXhv5obhWDnznFaj-17o2qtLC2mEjcMZ1szzgu_wM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1652676587&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1652676587486&bpp=3&bdt=383&idt=332&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=600936410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531549%2C44761043%2C31067544&oid=2&pvsid=904108839873201&pem=550&tmod=454237783&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.rx77fngd0mf9&fsb=1&dtd=346
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoHX6pnKchycMLvXJupRmwAAAogAAAIB&google_gid=CAESEDPEQ6NPVGW4SsGRdLBBvzc&google_push=AYg5qPJKn7gqAKo7656CsEhxVTy-7IFfVpFOG9DHDzl2yYgCcNnlutGlzcXSXhv5obhWDnznFaj-17o2qtLC2mEjcMZ1szzgu_wM&google_cver=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
460
Expires
Mon, 16 May 2022 04:49:48 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 454F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K2IM3pEkCKylvG4dgWhSLInJ7IQRHV9K1Ai_eF27Ur6X0cNbeEM7qfa79OxtIWLLAe7VLv
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417939&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1652676587&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1652676587486&bpp=3&bdt=383&idt=332&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=600936410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531549%2C44761043%2C31067544&oid=2&pvsid=904108839873201&pem=550&tmod=454237783&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.rx77fngd0mf9&fsb=1&dtd=346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
integrator.js
adservice.google.co.uk/adsid/ Frame 2CD0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6357157020881797&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 May 2022 04:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2CD0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6357157020881797&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 May 2022 04:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6255 		15 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=250&slotname=adpartner_zdorovia.com.ua_970x250_ruslan&adk=865826939&adf=4155820291&pi=t.ma~as.adpartner_zdorovia._&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676588592&bpp=13&bdt=219&idt=329&shv=r20220511&mjsv=m202205100101&ptt=5&saldr=sa&correlator=6069189452853&frm=8&ife=1&pv=2&ga_vid=1967338439.1652676589&ga_sid=1652676589&ga_hid=1940710560&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2416082253&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067545%2C31060048%2C31067419%2C31067526&oid=2&pvsid=2145194115485608&pem=84&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.zpnfrotd5ip&fsb=1&dtd=346
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6357157020881797&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b885e4187760e6e4cf682cc80424625e16327efb8d2274929077d8acf3007cc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
8090
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 04:49:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/ Frame B421 		308 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6357157020881797&plah=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb456fc6973f7f43835192e0502b08aa19971ea6631c8d8ac37618b50770b3a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112597
x-xss-protection
0
server
cafe
etag
18389845319223926763
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 16 May 2022 04:49:49 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B8F0 		586 B
315 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhD3qGIYvbW8xwEwAQ&v=APEucNV7EpRTzypyz4V6latyt4PBWY-14wV0c-M8uycMfrK3mvDsQZQYPJ_MG_Ga85ng9h0nlqhMlE6jhbsrEHwpOkaWi1xh9Vola3AtKGzgHS0sp7PWZHpDrGnLiHR1Tt1POZmaWrl_LNUgLgbNJTbGnDyHJ3eaQ3SqX9HdjO2KgO-2KDPbdKU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1652676588&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587900&bpp=4&bdt=577&idt=185&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&cookie=ID%3D476014c565d1e2f7-227bf61596cd0099%3AT%3D1652676587%3ART%3D1652676587%3AS%3DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1466241595&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=918&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531557%2C44761044%2C31067584%2C21065725&oid=2&pvsid=2971698416934096&pem=550&tmod=276848470&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.v5qe3w52d1t&fsb=1&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f12c6133a12eead81c368fe146cb489bdb7331b5e3b5ceb9ea52eac1e3feb815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1652676588&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587900&bpp=4&bdt=577&idt=185&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&cookie=ID%3D476014c565d1e2f7-227bf61596cd0099%3AT%3D1652676587%3ART%3D1652676587%3AS%3DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1466241595&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=918&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531557%2C44761044%2C31067584%2C21065725&oid=2&pvsid=2971698416934096&pem=550&tmod=276848470&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.v5qe3w52d1t&fsb=1&dtd=199
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
294
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 04:49:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 74D9 		90 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DWUGNpiDTanzTJm_NGJxT4dKAKowuftU-NGF_SZNOjKKuUoNjE5f9duROJZSJhGswpM0W8Q6bZPmoKBvEpwZwG3RI7YEqKHhaO0Rs2qNqcagMKP52R6KM_YZfx95ccASJjcvmC58PdNutXjzvXB2M8JXv3cA&dbm_d=AKAmf-D2GUE-4MkRr4TUa9q3akvlkA_NmXwMaHWQ8bsKevIlURQTXYMCiXd5ATBXAX-E5g1LiBP9ASDwp3PwC5RrIj4Cr2l4RuxrTkjWciPIcnFsjjppBMoXZtZc_6OLgYg2gkqA2FdKZsp_-bPdaBEk13YVVCoFAv-s_dJHyiHudB0zDTExm00ZnbiqQme6dX1WHh7VswnjyTvzzWJQtAQAHR6Hf1A9NBpD8EKBH29Pdf7u9sWKKJvlJiMiiawg9xFlpOJTSbNdYm-gXLUTinpz36XTSoPBDqcCakVt-K3XF4sdde3rvKxVLqM7gjKkSBR3UMnW57iC1Obwt1fQxGIJ8jxARJb2LQcAB_GxS6F7ooPJ-jsKcDY2YlacwWuzxrBqpx1rDVkeEuJIk5IHjaWgpD-9TCOWKjMgO6pddH2KSLh863aUoRsRr7zcIkgm2xo0rjvIk7JDilJ_0A0KCFncGdCIuwOtLSxt6_4Bx5XdtRY9yT2r8c_cUdCKLSxfN5U7a_oZ60ML2FIlyEFoaYAkw-ulz2jOt1VAiMm8U5V-iuW64aphecey-_wNppRgnHY6Z8xIyo8jPizEV9wnIxDxeUSVu7AOukgFE06HnCxm-kfNS820Jny3nYFEgaw5McSIKkJEetdoNuGjUDe9N8j6YhP5vzOa9xXlWF2GW4uyQGNprGiQJcsNAksclaS9Gnxos11P5SH_D4ly_DetE5skbgEwd97ex5l5OShLOBeUYUs8MMYTjKqOG3urJXLmPEknfDgh6ba29X7X24yfpexoCW0edkibC2P9sWuQ3ia1kN6_jYekhtiIPjTi8HMa9T3noa0gVRUxmg98bWef1F68YVIkHYkgogHlAUgqumCOf1VwKctJPUQHKbbuxTqq0nxRqu3VZT4O8E_stKF8tdxDeeQhuZChHZNS9dli9GJLL4Y0ykceKpV8_0uHKH9ylWC7CcTccoW1wFvZP9zB2ZKE6FIm7FlTEA0tImB4JDCtc2XcEHu74ItbD2s_KrCNJ8MRFwbgfAhA0P9t7jyRf7o_Yj91d0m91xD6vksahLF1xQQESg2n2NlNJZuINGTF-ZMy96qDCEDG75WQWlmFjfTjchAaMtt4HAvH_C9bsSXpNmWu1q9H0HpgPIva8os3lEd-WybAVS4Zzc8rt9RkKlXm30JYKUJiOyHQBOKIqDPOJZJbJJXxOFO9DHAUePRIB6S0ko0cmPQgwFjwPAD0xlu5LdcQGkbwlWXwh_dKZqLbaK5pbGbtV178QCRAFw08BrZJcBI4xw3rdxpg1IaUBG3kBilYYjNNviB4jF5alUibIcpvzUSpnXyOBXOKVDdYD-wTFIBCg88YGwrsMeilGxhpPbtTIG9MO2ADcSLKPJ1rHIgdqgh5hXsF12-LBpZkkdHVqHLDVQMrRUX50T0PJQ4hYpAr6VExLctdJpyQhgMrlby87NO9LA401BVcSXUq70lRZYGL3JM8NfjnRij7DtjTXLgHe8FYRZNV8HzpdHia6hTsvsp-_u61WzCk7taDvvjkd-Owo6Vo2Ry2g2PrCf1ftiAPN3qvL3YQneXMnetkMmZflbjiZhx4gotnCcLEWw0_al7dXtIDxM-qtbeaXr6Zc4Py2C0DB6H8V5TrpmoLANaav3DlO2FcSQDy2yCwx85EiLpdDy6atJbpw4fLdzvekXUstvCzaGlg3AiCE_bapBNbPLft4bhW_cnn1L9sKrKCkaCLGm-zeB4lrBjSay_otYxltSA1s2P99OBkkUcSd6JxUIEeG7eLMSvUqHYy5oMbS5x7sqlQLnCrRU8XAiQnG0NdaZxS0wWUCPZJ7WXxEdmgwSIQOZWjMVF6M0fXU6Axm879m4-XAAvn8sHt2O1GMJCLD5HKxDf4WLeUApoWax1DYYnX032v6OElALcYQyzx44y3Pd-0usbwbiC7Yze64WZBK4cgQuHlLG3g17SlDX4BOB8dBEYrxzNj2W_JiT52EuD5uawr0CeLsxs1hvRCv2z8HderTjy6FxMMdaVjiEAIpUBKB6tKR-26RdgNK7KzjpfHOo69q-bI1_kdULxZYi90YRpG5R-9iNS1UgqEbDxqrk0nCAX5tlNN-YrQ6ydewcH_Hz-SECx3CheuvZoRU698VGlih1c_b1vm8fo7CdbM9yVVT2PjKxTbSJxNptKffnSFahwtYl3_JMyrzOtni68bo1CnFSobQOQ_6uBzKMpsl30qLtzjUITyg7Klb_dwmGaRqkx64x_Pf2GAexcp9sDb-h7p4A_-XU1iCIfruGv4YIqqrUbiZO-3Z11yQmOdMcRz_xFcUkgh1PHAllz4dm4VoEIg5Xi3zyA4EiljycW439F9P3NkHAJXoaaYh6JRNUpTXQ1X3hQxnw4WFJ8-U79Iksh1JNe4tQXj9m73nHMgFLak3-KleTRuOAYzexVK2ya9sW0-SeN-vwzwDqcendPDVUQpf81VyUAIE9BRuxZ2jFNoag5TT7-nrkf377KbV7O49Qw9UE7mjZS9qMboYdcYGLmv-ilb-haIUtes4rWVlKqR3-_t-b4KdJOrTvTZc9PWj8Nm2-hBFwAWxE_qnBIMiex5PPz57s1XGfX2xNKKfa5XiVliHJo_OUmZ_DYipmS5Oa_VbznbUWwBuGG5AAsGVWLVKFX5G6pFCiapa8jip4HZGAdgh7GrpP11cxYqIWGaamAGDwUwh9TPkIZEsLjQEJbLz4uK04RflcagQSPNn_pYtZQX_J3prb8kYTN6yt_IABQFSkF5cEk_jbm6r6h5-wJ-vdLP1y3VZU2WMeMeUQvyMibaCjChP5C6XtH8MHFPSWIDuP1q06eOnt9ljGMsZxX014MOyBfBXLs5SBtIFR62QQEwU75llRpIiqA6XNWzpvHZ4E_o9XEYkzMNoGUbCwrYMIdcE0GfinxXSEwM9IoDEXDYy21ve2FEm6v7HAFZEzRc_9bmiM85Gd15v6V6YuU-2n2-UBS8APibqDsO0tgf9loJpaM1i3GB9K5xjHLGtnduXzCHh71QRIkCNcyCh7j1lxaJ767aaIsynGUSCimzITR-e5OjgiYjc4chrFxQ2bPlc0XSF3PfKKNM0NqybmZuEbErd7J8rpyEIhlHNiQhAgVF4p8gae6bHBZmAdwDDRUJH5Rro4hSkoppvC9-bO-N0QMWvSvReJmFn9RGj-qkHpJkwhDAswPL8zKAWnvCnhkY1FVN_bmFk-EC50Sqfxa-Duvh7zSROPEwYUVQFHGv1rDP3qqNiFprGuzkTm4tWk7uhry0n-NfMiwjPpbvo7KU7pdlWGmakOBtdvdL27wjlQAtV96d1-Wj4AJd3qy2WsDLZzVIaNGR3CRTt2Ktd5Rt0amkIF8ljw4zBNKrFHQqg9r2qfHEjXq0r9q-EiFtQazAgPjfLOnWMvAFd3vS1_PAV7703mhFwNMNZyhmWlHQgk6a5nkVgoQRa9qp46hYUdQX&cid=CAASJORoXoS9DATtc7A21y_cxUZOsVYgoojjUmXo2xDyWPR5zfEYtQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1652676588&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587900&bpp=4&bdt=577&idt=185&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&cookie=ID%3D476014c565d1e2f7-227bf61596cd0099%3AT%3D1652676587%3ART%3D1652676587%3AS%3DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1466241595&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=918&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531557%2C44761044%2C31067584%2C21065725&oid=2&pvsid=2971698416934096&pem=550&tmod=276848470&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.v5qe3w52d1t&fsb=1&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bbed499affbabd0bf18a7ba8a3ddcc321b0d5c1e3ce7f59405215cce117680ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1652676588&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587900&bpp=4&bdt=577&idt=185&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&cookie=ID%3D476014c565d1e2f7-227bf61596cd0099%3AT%3D1652676587%3ART%3D1652676587%3AS%3DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1466241595&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=918&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531557%2C44761044%2C31067584%2C21065725&oid=2&pvsid=2971698416934096&pem=550&tmod=276848470&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.v5qe3w52d1t&fsb=1&dtd=199
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35828
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame 074D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 12:29:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
58847
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 May 2023 12:29:02 GMT
impl_v88.js
www.googletagservices.com/dcm/ Frame C118 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v88.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/www.googletagservices.com/970282/61278885/dcm/dcmads.js?adsafe_url=http%3A%2F%2Fzdorovia.com.ua&adsafe_type=g&adsafe_url=http%3A%2F%2Fzdorovia.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4577254435597104%26output%3Dhtml%26h%3D90%26slotname%3D7553037928%26adk%3D3481491427%26adf%3D2751417938%26pi%3Dt.ma~as.7553037928%26w%3D728%26lmt%3D1652676587%26psa%3D0%26format%3D728x90%26url%3Dhttp%253A%252F%252Fzdorovia.com.ua%252F%26ea%3D0%26wgl%3D1%26dt%3D1652676587455%26bpp%3D3%26bdt%3D362%26idt%3D306%26shv%3Dr20220511%26mjsv%3Dm202205100101%26ptt%3D9%26saldr%3Daa%26correlator%3D463723020067%26frm%3D23%26ife%3D5%26pv%3D2%26ga_vid%3D295295263.1652676586%26ga_sid%3D1652676586%26ga_hid%3D1707449053%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D542%26ady%3D61%26biw%3D1600%26bih%3D1200%26isw%3D728%26ish%3D90%26ifk%3D3879291087%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44763505%252C44763827%26oid%3D2%26pvsid%3D2606551401218276%26pem%3D550%26tmod%3D1162872940%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D23%26ifi%3D1%26uci%3D1.fsvk4qls0hti%26fsb%3D1%26dtd%3D323&adsafe_type=d&adsafe_jsinfo=,id:cf241038-dfaa-c8fb-fbbb-3077749aa256,c:cKxUOq,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-58499bf7cc-mqr6r,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:3,fm:t5YaxA0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c21%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2*.970282-61278885%7C1g21%7C1g22%7C1h11%7C1h12%7C1i1%7C1i2%7C1i3%7C1i4%7C1i5%7C1j1%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1g2*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:35,oid:9d4b055f-d4d3-11ec-8f6d-6a1f7705d7c7,v:19.8.309,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b225a72c3c0f0ce054225cf8748508f69d7315568bb5aacb38491e006a4372d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 02:50:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21405
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 May 2023 02:50:51 GMT
img
ih.adscale.de/sium/4080401b05044679bd7712338bc313b8/1652676588582/0/ Frame 23FE
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=379404069fe0475bb5057bd64d385829&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4080401b05044679bd7712338bc313b8%2F1652676588582%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/4080401b05044679bd7712338bc313b8/1652676588582/0/img?tpid=101&tpuid=BBID-01-03273905892376002-16604280
49 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/4080401b05044679bd7712338bc313b8/1652676588582/0/img?tpid=101&tpuid=BBID-01-03273905892376002-16604280
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.192.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-192-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:49 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Mon, 16 May 2022 04:49:49 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/4080401b05044679bd7712338bc313b8/1652676588582/0/img?tpid=101&tpuid=BBID-01-03273905892376002-16604280
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
createjs-2015.11.26.min.js
code.createjs.com/ Frame D8B6 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/createjs-2015.11.26.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3689830131456613378/200x200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:11::215:14cb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:49 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Mon, 16 May 2022 05:04:49 GMT
200x200.js
s0.2mdn.net/sadbundle/3689830131456613378/ Frame D8B6 		52 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3689830131456613378/200x200.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3689830131456613378/200x200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9998ad26ea95018186b0fd859ffaad20857ed7c7b93ee4395b261e6e07ef91b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3689830131456613378/200x200.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 12 May 2022 15:11:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308324
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10085
x-xss-protection
0
last-modified
Wed, 11 May 2022 14:55:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 15:11:05 GMT
partner
sync.search.spotxchange.com/ Frame B8F0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEKvNZYExUTL2nixDmAAE88A&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEKvNZYExUTL2nixDmAAE88A&google_cver=1&__user_check__=1&sync_id=9de0055b-d4d3-11ec-987b-125b01370106
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEKvNZYExUTL2nixDmAAE88A&google_cver=1&__user_check__=1&sync_id=9de0055b-d4d3-11ec-987b-125b01370106
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhD3qGIYvbW8xwEwAQ&v=APEucNV7EpRTzypyz4V6latyt4PBWY-14wV0c-M8uycMfrK3mvDsQZQYPJ_MG_Ga85ng9h0nlqhMlE6jhbsrEHwpOkaWi1xh9Vola3AtKGzgHS0sp7PWZHpDrGnLiHR1Tt1POZmaWrl_LNUgLgbNJTbGnDyHJ3eaQ3SqX9HdjO2KgO-2KDPbdKU
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:49 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
24
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Mon, 16 May 2022 04:49:49 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESEKvNZYExUTL2nixDmAAE88A&google_cver=1&__user_check__=1&sync_id=9de0055b-d4d3-11ec-987b-125b01370106
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
93
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame B8F0
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OWRlMDA1MjQtZDRkMy0xMWVjLTk4N2ItMTI1YjAxMzcwMTA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OWRlMDA1MjQtZDRkMy0xMWVjLTk4N2ItMTI1YjAxMzcwMTA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhD3qGIYvbW8xwEwAQ&v=APEucNV7EpRTzypyz4V6latyt4PBWY-14wV0c-M8uycMfrK3mvDsQZQYPJ_MG_Ga85ng9h0nlqhMlE6jhbsrEHwpOkaWi1xh9Vola3AtKGzgHS0sp7PWZHpDrGnLiHR1Tt1POZmaWrl_LNUgLgbNJTbGnDyHJ3eaQ3SqX9HdjO2KgO-2KDPbdKU
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 16 May 2022 04:49:49 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OWRlMDA1MjQtZDRkMy0xMWVjLTk4N2ItMTI1YjAxMzcwMTA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
4
Connection
keep-alive
Content-Length
0
sync
ups.analytics.yahoo.com/ups/55946/ Frame B8F0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEJQK4g8g4ojh56ltj-anbQo&_origin=1&google_cver=1
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEJQK4g8g4ojh56ltj-anbQo&_origin=1&google_cver=1&verify=true
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJQK4g8g4ojh56ltj-anbQo&_origin=1&google_cver=1&apid=UP9dd431c4-d4d3-11ec-b16c-02080fde3794
0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJQK4g8g4ojh56ltj-anbQo&_origin=1&google_cver=1&apid=UP9dd431c4-d4d3-11ec-b16c-02080fde3794
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhD3qGIYvbW8xwEwAQ&v=APEucNV7EpRTzypyz4V6latyt4PBWY-14wV0c-M8uycMfrK3mvDsQZQYPJ_MG_Ga85ng9h0nlqhMlE6jhbsrEHwpOkaWi1xh9Vola3AtKGzgHS0sp7PWZHpDrGnLiHR1Tt1POZmaWrl_LNUgLgbNJTbGnDyHJ3eaQ3SqX9HdjO2KgO-2KDPbdKU
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:49 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJQK4g8g4ojh56ltj-anbQo&_origin=1&google_cver=1&apid=UP9dd431c4-d4d3-11ec-b16c-02080fde3794
date
Mon, 16 May 2022 04:49:49 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame B8F0
Redirect Chain
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP9dd431c4-d4d3-11ec-b16c-02080fde3794
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA5ZGQ0MzFjNC1kNGQzLTExZWMtYjE2Yy0wMjA4MGZkZTM3OTQ%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA5ZGQ0MzFjNC1kNGQzLTExZWMtYjE2Yy0wMjA4MGZkZTM3OTQ%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhD3qGIYvbW8xwEwAQ&v=APEucNV7EpRTzypyz4V6latyt4PBWY-14wV0c-M8uycMfrK3mvDsQZQYPJ_MG_Ga85ng9h0nlqhMlE6jhbsrEHwpOkaWi1xh9Vola3AtKGzgHS0sp7PWZHpDrGnLiHR1Tt1POZmaWrl_LNUgLgbNJTbGnDyHJ3eaQ3SqX9HdjO2KgO-2KDPbdKU
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA5ZGQ0MzFjNC1kNGQzLTExZWMtYjE2Yy0wMjA4MGZkZTM3OTQ%3D
date
Mon, 16 May 2022 04:49:49 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sodar
pagead2.googlesyndication.com/pagead/ Frame 82F4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220511&jk=904108839873201&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 40FB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220511&jk=2606551401218276&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 8625 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220511&jk=2971698416934096&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
skeleton.js
fw.adsafeprotected.com/rjss/st/1002713/62059190/ Frame 74D9 		234 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1002713/62059190/skeleton.js?ias_dspID=3&ias_campId=1007072335&ias_pubId=pub-4577254435597104&ias_chanId=1&ias_placementId=17069351463&bidurl=http://zdorovia.com.ua/&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0gltTLG2R4b6BLAqiIq6jWx
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f0c3b6b68bdf01fbacabb2e27fb33506eb77ca21a9313a73b854ab302d967499

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 74D9 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:40:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47377
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 16 May 2022 15:40:12 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame 74D9 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DWUGNpiDTanzTJm_NGJxT4dKAKowuftU-NGF_SZNOjKKuUoNjE5f9duROJZSJhGswpM0W8Q6bZPmoKBvEpwZwG3RI7YEqKHhaO0Rs2qNqcagMKP52R6KM_YZfx95ccASJjcvmC58PdNutXjzvXB2M8JXv3cA&dbm_d=AKAmf-D2GUE-4MkRr4TUa9q3akvlkA_NmXwMaHWQ8bsKevIlURQTXYMCiXd5ATBXAX-E5g1LiBP9ASDwp3PwC5RrIj4Cr2l4RuxrTkjWciPIcnFsjjppBMoXZtZc_6OLgYg2gkqA2FdKZsp_-bPdaBEk13YVVCoFAv-s_dJHyiHudB0zDTExm00ZnbiqQme6dX1WHh7VswnjyTvzzWJQtAQAHR6Hf1A9NBpD8EKBH29Pdf7u9sWKKJvlJiMiiawg9xFlpOJTSbNdYm-gXLUTinpz36XTSoPBDqcCakVt-K3XF4sdde3rvKxVLqM7gjKkSBR3UMnW57iC1Obwt1fQxGIJ8jxARJb2LQcAB_GxS6F7ooPJ-jsKcDY2YlacwWuzxrBqpx1rDVkeEuJIk5IHjaWgpD-9TCOWKjMgO6pddH2KSLh863aUoRsRr7zcIkgm2xo0rjvIk7JDilJ_0A0KCFncGdCIuwOtLSxt6_4Bx5XdtRY9yT2r8c_cUdCKLSxfN5U7a_oZ60ML2FIlyEFoaYAkw-ulz2jOt1VAiMm8U5V-iuW64aphecey-_wNppRgnHY6Z8xIyo8jPizEV9wnIxDxeUSVu7AOukgFE06HnCxm-kfNS820Jny3nYFEgaw5McSIKkJEetdoNuGjUDe9N8j6YhP5vzOa9xXlWF2GW4uyQGNprGiQJcsNAksclaS9Gnxos11P5SH_D4ly_DetE5skbgEwd97ex5l5OShLOBeUYUs8MMYTjKqOG3urJXLmPEknfDgh6ba29X7X24yfpexoCW0edkibC2P9sWuQ3ia1kN6_jYekhtiIPjTi8HMa9T3noa0gVRUxmg98bWef1F68YVIkHYkgogHlAUgqumCOf1VwKctJPUQHKbbuxTqq0nxRqu3VZT4O8E_stKF8tdxDeeQhuZChHZNS9dli9GJLL4Y0ykceKpV8_0uHKH9ylWC7CcTccoW1wFvZP9zB2ZKE6FIm7FlTEA0tImB4JDCtc2XcEHu74ItbD2s_KrCNJ8MRFwbgfAhA0P9t7jyRf7o_Yj91d0m91xD6vksahLF1xQQESg2n2NlNJZuINGTF-ZMy96qDCEDG75WQWlmFjfTjchAaMtt4HAvH_C9bsSXpNmWu1q9H0HpgPIva8os3lEd-WybAVS4Zzc8rt9RkKlXm30JYKUJiOyHQBOKIqDPOJZJbJJXxOFO9DHAUePRIB6S0ko0cmPQgwFjwPAD0xlu5LdcQGkbwlWXwh_dKZqLbaK5pbGbtV178QCRAFw08BrZJcBI4xw3rdxpg1IaUBG3kBilYYjNNviB4jF5alUibIcpvzUSpnXyOBXOKVDdYD-wTFIBCg88YGwrsMeilGxhpPbtTIG9MO2ADcSLKPJ1rHIgdqgh5hXsF12-LBpZkkdHVqHLDVQMrRUX50T0PJQ4hYpAr6VExLctdJpyQhgMrlby87NO9LA401BVcSXUq70lRZYGL3JM8NfjnRij7DtjTXLgHe8FYRZNV8HzpdHia6hTsvsp-_u61WzCk7taDvvjkd-Owo6Vo2Ry2g2PrCf1ftiAPN3qvL3YQneXMnetkMmZflbjiZhx4gotnCcLEWw0_al7dXtIDxM-qtbeaXr6Zc4Py2C0DB6H8V5TrpmoLANaav3DlO2FcSQDy2yCwx85EiLpdDy6atJbpw4fLdzvekXUstvCzaGlg3AiCE_bapBNbPLft4bhW_cnn1L9sKrKCkaCLGm-zeB4lrBjSay_otYxltSA1s2P99OBkkUcSd6JxUIEeG7eLMSvUqHYy5oMbS5x7sqlQLnCrRU8XAiQnG0NdaZxS0wWUCPZJ7WXxEdmgwSIQOZWjMVF6M0fXU6Axm879m4-XAAvn8sHt2O1GMJCLD5HKxDf4WLeUApoWax1DYYnX032v6OElALcYQyzx44y3Pd-0usbwbiC7Yze64WZBK4cgQuHlLG3g17SlDX4BOB8dBEYrxzNj2W_JiT52EuD5uawr0CeLsxs1hvRCv2z8HderTjy6FxMMdaVjiEAIpUBKB6tKR-26RdgNK7KzjpfHOo69q-bI1_kdULxZYi90YRpG5R-9iNS1UgqEbDxqrk0nCAX5tlNN-YrQ6ydewcH_Hz-SECx3CheuvZoRU698VGlih1c_b1vm8fo7CdbM9yVVT2PjKxTbSJxNptKffnSFahwtYl3_JMyrzOtni68bo1CnFSobQOQ_6uBzKMpsl30qLtzjUITyg7Klb_dwmGaRqkx64x_Pf2GAexcp9sDb-h7p4A_-XU1iCIfruGv4YIqqrUbiZO-3Z11yQmOdMcRz_xFcUkgh1PHAllz4dm4VoEIg5Xi3zyA4EiljycW439F9P3NkHAJXoaaYh6JRNUpTXQ1X3hQxnw4WFJ8-U79Iksh1JNe4tQXj9m73nHMgFLak3-KleTRuOAYzexVK2ya9sW0-SeN-vwzwDqcendPDVUQpf81VyUAIE9BRuxZ2jFNoag5TT7-nrkf377KbV7O49Qw9UE7mjZS9qMboYdcYGLmv-ilb-haIUtes4rWVlKqR3-_t-b4KdJOrTvTZc9PWj8Nm2-hBFwAWxE_qnBIMiex5PPz57s1XGfX2xNKKfa5XiVliHJo_OUmZ_DYipmS5Oa_VbznbUWwBuGG5AAsGVWLVKFX5G6pFCiapa8jip4HZGAdgh7GrpP11cxYqIWGaamAGDwUwh9TPkIZEsLjQEJbLz4uK04RflcagQSPNn_pYtZQX_J3prb8kYTN6yt_IABQFSkF5cEk_jbm6r6h5-wJ-vdLP1y3VZU2WMeMeUQvyMibaCjChP5C6XtH8MHFPSWIDuP1q06eOnt9ljGMsZxX014MOyBfBXLs5SBtIFR62QQEwU75llRpIiqA6XNWzpvHZ4E_o9XEYkzMNoGUbCwrYMIdcE0GfinxXSEwM9IoDEXDYy21ve2FEm6v7HAFZEzRc_9bmiM85Gd15v6V6YuU-2n2-UBS8APibqDsO0tgf9loJpaM1i3GB9K5xjHLGtnduXzCHh71QRIkCNcyCh7j1lxaJ767aaIsynGUSCimzITR-e5OjgiYjc4chrFxQ2bPlc0XSF3PfKKNM0NqybmZuEbErd7J8rpyEIhlHNiQhAgVF4p8gae6bHBZmAdwDDRUJH5Rro4hSkoppvC9-bO-N0QMWvSvReJmFn9RGj-qkHpJkwhDAswPL8zKAWnvCnhkY1FVN_bmFk-EC50Sqfxa-Duvh7zSROPEwYUVQFHGv1rDP3qqNiFprGuzkTm4tWk7uhry0n-NfMiwjPpbvo7KU7pdlWGmakOBtdvdL27wjlQAtV96d1-Wj4AJd3qy2WsDLZzVIaNGR3CRTt2Ktd5Rt0amkIF8ljw4zBNKrFHQqg9r2qfHEjXq0r9q-EiFtQazAgPjfLOnWMvAFd3vS1_PAV7703mhFwNMNZyhmWlHQgk6a5nkVgoQRa9qp46hYUdQX&cid=CAASJORoXoS9DATtc7A21y_cxUZOsVYgoojjUmXo2xDyWPR5zfEYtQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:45:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 04:45:56 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 74D9 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DWUGNpiDTanzTJm_NGJxT4dKAKowuftU-NGF_SZNOjKKuUoNjE5f9duROJZSJhGswpM0W8Q6bZPmoKBvEpwZwG3RI7YEqKHhaO0Rs2qNqcagMKP52R6KM_YZfx95ccASJjcvmC58PdNutXjzvXB2M8JXv3cA&dbm_d=AKAmf-D2GUE-4MkRr4TUa9q3akvlkA_NmXwMaHWQ8bsKevIlURQTXYMCiXd5ATBXAX-E5g1LiBP9ASDwp3PwC5RrIj4Cr2l4RuxrTkjWciPIcnFsjjppBMoXZtZc_6OLgYg2gkqA2FdKZsp_-bPdaBEk13YVVCoFAv-s_dJHyiHudB0zDTExm00ZnbiqQme6dX1WHh7VswnjyTvzzWJQtAQAHR6Hf1A9NBpD8EKBH29Pdf7u9sWKKJvlJiMiiawg9xFlpOJTSbNdYm-gXLUTinpz36XTSoPBDqcCakVt-K3XF4sdde3rvKxVLqM7gjKkSBR3UMnW57iC1Obwt1fQxGIJ8jxARJb2LQcAB_GxS6F7ooPJ-jsKcDY2YlacwWuzxrBqpx1rDVkeEuJIk5IHjaWgpD-9TCOWKjMgO6pddH2KSLh863aUoRsRr7zcIkgm2xo0rjvIk7JDilJ_0A0KCFncGdCIuwOtLSxt6_4Bx5XdtRY9yT2r8c_cUdCKLSxfN5U7a_oZ60ML2FIlyEFoaYAkw-ulz2jOt1VAiMm8U5V-iuW64aphecey-_wNppRgnHY6Z8xIyo8jPizEV9wnIxDxeUSVu7AOukgFE06HnCxm-kfNS820Jny3nYFEgaw5McSIKkJEetdoNuGjUDe9N8j6YhP5vzOa9xXlWF2GW4uyQGNprGiQJcsNAksclaS9Gnxos11P5SH_D4ly_DetE5skbgEwd97ex5l5OShLOBeUYUs8MMYTjKqOG3urJXLmPEknfDgh6ba29X7X24yfpexoCW0edkibC2P9sWuQ3ia1kN6_jYekhtiIPjTi8HMa9T3noa0gVRUxmg98bWef1F68YVIkHYkgogHlAUgqumCOf1VwKctJPUQHKbbuxTqq0nxRqu3VZT4O8E_stKF8tdxDeeQhuZChHZNS9dli9GJLL4Y0ykceKpV8_0uHKH9ylWC7CcTccoW1wFvZP9zB2ZKE6FIm7FlTEA0tImB4JDCtc2XcEHu74ItbD2s_KrCNJ8MRFwbgfAhA0P9t7jyRf7o_Yj91d0m91xD6vksahLF1xQQESg2n2NlNJZuINGTF-ZMy96qDCEDG75WQWlmFjfTjchAaMtt4HAvH_C9bsSXpNmWu1q9H0HpgPIva8os3lEd-WybAVS4Zzc8rt9RkKlXm30JYKUJiOyHQBOKIqDPOJZJbJJXxOFO9DHAUePRIB6S0ko0cmPQgwFjwPAD0xlu5LdcQGkbwlWXwh_dKZqLbaK5pbGbtV178QCRAFw08BrZJcBI4xw3rdxpg1IaUBG3kBilYYjNNviB4jF5alUibIcpvzUSpnXyOBXOKVDdYD-wTFIBCg88YGwrsMeilGxhpPbtTIG9MO2ADcSLKPJ1rHIgdqgh5hXsF12-LBpZkkdHVqHLDVQMrRUX50T0PJQ4hYpAr6VExLctdJpyQhgMrlby87NO9LA401BVcSXUq70lRZYGL3JM8NfjnRij7DtjTXLgHe8FYRZNV8HzpdHia6hTsvsp-_u61WzCk7taDvvjkd-Owo6Vo2Ry2g2PrCf1ftiAPN3qvL3YQneXMnetkMmZflbjiZhx4gotnCcLEWw0_al7dXtIDxM-qtbeaXr6Zc4Py2C0DB6H8V5TrpmoLANaav3DlO2FcSQDy2yCwx85EiLpdDy6atJbpw4fLdzvekXUstvCzaGlg3AiCE_bapBNbPLft4bhW_cnn1L9sKrKCkaCLGm-zeB4lrBjSay_otYxltSA1s2P99OBkkUcSd6JxUIEeG7eLMSvUqHYy5oMbS5x7sqlQLnCrRU8XAiQnG0NdaZxS0wWUCPZJ7WXxEdmgwSIQOZWjMVF6M0fXU6Axm879m4-XAAvn8sHt2O1GMJCLD5HKxDf4WLeUApoWax1DYYnX032v6OElALcYQyzx44y3Pd-0usbwbiC7Yze64WZBK4cgQuHlLG3g17SlDX4BOB8dBEYrxzNj2W_JiT52EuD5uawr0CeLsxs1hvRCv2z8HderTjy6FxMMdaVjiEAIpUBKB6tKR-26RdgNK7KzjpfHOo69q-bI1_kdULxZYi90YRpG5R-9iNS1UgqEbDxqrk0nCAX5tlNN-YrQ6ydewcH_Hz-SECx3CheuvZoRU698VGlih1c_b1vm8fo7CdbM9yVVT2PjKxTbSJxNptKffnSFahwtYl3_JMyrzOtni68bo1CnFSobQOQ_6uBzKMpsl30qLtzjUITyg7Klb_dwmGaRqkx64x_Pf2GAexcp9sDb-h7p4A_-XU1iCIfruGv4YIqqrUbiZO-3Z11yQmOdMcRz_xFcUkgh1PHAllz4dm4VoEIg5Xi3zyA4EiljycW439F9P3NkHAJXoaaYh6JRNUpTXQ1X3hQxnw4WFJ8-U79Iksh1JNe4tQXj9m73nHMgFLak3-KleTRuOAYzexVK2ya9sW0-SeN-vwzwDqcendPDVUQpf81VyUAIE9BRuxZ2jFNoag5TT7-nrkf377KbV7O49Qw9UE7mjZS9qMboYdcYGLmv-ilb-haIUtes4rWVlKqR3-_t-b4KdJOrTvTZc9PWj8Nm2-hBFwAWxE_qnBIMiex5PPz57s1XGfX2xNKKfa5XiVliHJo_OUmZ_DYipmS5Oa_VbznbUWwBuGG5AAsGVWLVKFX5G6pFCiapa8jip4HZGAdgh7GrpP11cxYqIWGaamAGDwUwh9TPkIZEsLjQEJbLz4uK04RflcagQSPNn_pYtZQX_J3prb8kYTN6yt_IABQFSkF5cEk_jbm6r6h5-wJ-vdLP1y3VZU2WMeMeUQvyMibaCjChP5C6XtH8MHFPSWIDuP1q06eOnt9ljGMsZxX014MOyBfBXLs5SBtIFR62QQEwU75llRpIiqA6XNWzpvHZ4E_o9XEYkzMNoGUbCwrYMIdcE0GfinxXSEwM9IoDEXDYy21ve2FEm6v7HAFZEzRc_9bmiM85Gd15v6V6YuU-2n2-UBS8APibqDsO0tgf9loJpaM1i3GB9K5xjHLGtnduXzCHh71QRIkCNcyCh7j1lxaJ767aaIsynGUSCimzITR-e5OjgiYjc4chrFxQ2bPlc0XSF3PfKKNM0NqybmZuEbErd7J8rpyEIhlHNiQhAgVF4p8gae6bHBZmAdwDDRUJH5Rro4hSkoppvC9-bO-N0QMWvSvReJmFn9RGj-qkHpJkwhDAswPL8zKAWnvCnhkY1FVN_bmFk-EC50Sqfxa-Duvh7zSROPEwYUVQFHGv1rDP3qqNiFprGuzkTm4tWk7uhry0n-NfMiwjPpbvo7KU7pdlWGmakOBtdvdL27wjlQAtV96d1-Wj4AJd3qy2WsDLZzVIaNGR3CRTt2Ktd5Rt0amkIF8ljw4zBNKrFHQqg9r2qfHEjXq0r9q-EiFtQazAgPjfLOnWMvAFd3vS1_PAV7703mhFwNMNZyhmWlHQgk6a5nkVgoQRa9qp46hYUdQX&cid=CAASJORoXoS9DATtc7A21y_cxUZOsVYgoojjUmXo2xDyWPR5zfEYtQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9773
x-xss-protection
0
server
cafe
etag
14407402762925951128
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 04:49:32 GMT
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame 318E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 12:29:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
58847
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 May 2023 12:29:02 GMT
B27340694.330085819;dc_ver=88.258;sz=728x90;u_sd=1;dc_adk=2659756132;ord=ge7ma5;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXVqH69eBYrT4NtOmgAfj3IOgCpX6xflp-pi1lu0P...
ad.doubleclick.net/ddm/adj/N3643.3325855MIQ/ Frame C118 		63 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N3643.3325855MIQ/B27340694.330085819;dc_ver=88.258;sz=728x90;u_sd=1;dc_adk=2659756132;ord=ge7ma5;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXVqH69eBYrT4NtOmgAfj3IOgCpX6xflp-pi1lu0P8YPWna8lEAEgrOT2CGC7hoCA0AqgAc_DuNYByAEJqQIv4D3dqpK0PqgDAaoE7gFP0N6dBJil0SLGnsow5p8h3CQ1BrpTUQhYyOR-EPbBgLBjWm51ptU6ZJEevKjtopX1c6Yl3nZOmDl3ahuNRVieuW9-UoQDY9m59fIJWaa9BV9CobQ6r9-2UM5gFN600hFyAI8HWjNsE5-PtG6cPsB9NleNo6_uDhuwaSI5kIo6lpx4RQOAUNWeNget1KQED0j6NIMF9m5GlOffG2I63_3Y_IOPDRJKPkrcAVIUz5dwOzzY-q0jIvO0pBGATFQaeGhVY6O3F9AlHOlZZCQRAo6OZ9rvhXz2SNezXgjMpdwtlcgN6XVFufTPo1J-leBowASZjvDd_APgBAOQBgGgBk2AB5m8x6kCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoBmAsByAsBgAwBsBPX9Y4P0BMA2BMM2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRop17jxul3w6_7yIPjq8WlpQ%26sig%3DAOD64_3e1TDSz85RDfiapVS3gsgOIngTEg%26client%3Dca-pub-4577254435597104%26dbm_c%3DAKAmf-CmrVknRdYmHuXYno-Ga7EpMGPK_2JycUNDbloR_MBkhBMhwzOR4ZRr29_wa3V4BW0N4ZiKohVACN6bv0UVwPHwDaktvYf_N-gcU4JHERW8nzPraaZ9b-UP5ON17nLde3pbZwfr5byi82cwd6fB9Et0kWAdbw%26cry%3D1%26dbm_d%3DAKAmf-AEvPZkicbw67jRbm_-EWdNODRfbpO9hFiwt3ns21bbnWvebQcEqkudYy3R-bAmal1WR8hT1n2hfGPnyiBz07rQkKZOu8f3I6jriRjH4hFFixselxJEdtL0eOtCO1_XYX7alg02OaMB5QOOLSlYQutheT499nUkk4LXhGPfgTThO3qAXNyNFXMfVp-J8QKxQAaG7zSdXUheqXJdx5lHtOsNOuH-Y-HbOOOXymIV1t-_mDlXijBlxenbzqf0sdcCAy56SPvzpcePNhDQh7i32ySEpRiybQnX6RrgBxhK59_9zdegPwHuzBBStoBPJ248Q14cU4eQuNkIrmbZfU5svOXcz_IteMT0OUtJYO167bBwxUyI9Oa8lTk28NINDzuB0ORZ3vQvo6Y5WRjoEKqKxZ-jVJScg2OBK00Orqw2-23c14iIthp5sF8ENhZdndO8cXn3HbJiyvTHMg8owkVHEATmYTjyzzYdjVhfgo0Y8vOD7SRoSt0%26adurl%3D;dc_rfl=2,http%3A%2F%2Fzdorovia.com.ua$2,http%3A%2F%2Fzdorovia.com.ua%2F$0;xdt=1;crlt=IVzS*_PWL7;stc=1;sttr=108;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v88.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s12-in-f6.1e100.net
Software
cafe /
Resource Hash
ee27b610c1404830efdd96be58f05a47d80cb497b9e36246eec83b8b59c503ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26918
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame 07B8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 12:29:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
58847
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 May 2023 12:29:02 GMT
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame 5E34 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 12:29:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
58847
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 May 2023 12:29:02 GMT
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame 5624 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 12:29:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
58847
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 May 2023 12:29:02 GMT
integrator.js
adservice.google.co.uk/adsid/ Frame B421 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6357157020881797&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 May 2022 04:49:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B421 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6357157020881797&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 May 2022 04:49:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 68A5 		15 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=250&slotname=adpartner_zdorovia.com.ua_970x250_ruslan&adk=865826939&adf=4155823868&pi=t.ma~as.adpartner_zdorovia._&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676588981&bpp=11&bdt=367&idt=214&shv=r20220511&mjsv=m202205100101&ptt=5&saldr=sa&correlator=1526208605054&frm=8&ife=1&pv=2&ga_vid=162590607.1652676589&ga_sid=1652676589&ga_hid=248752447&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=920401899&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=466452259210995&pem=84&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.h88f9thdmzw9&fsb=1&dtd=227
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6357157020881797&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
adb80be09a54261bf77bd2bc39fca4ff8cca4fe1c100513d76b02ba0befef3b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
8085
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 04:49:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame 257D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=600&slotname=adpartner_zdorovia.com.ua_160x600_br_1&adk=2150435033&adf=2429112158&pi=t.ma~as.adpartner_zdorovia._&w=160&lmt=1638531503&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2156640030855472%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fbca0a493-1a2c-4e8f-8b0a-59f644495689%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D486e82fc55875f6ef7eba2b7e6177931&wgl=1&dt=1652676587370&bpp=13&bdt=243&idt=419&shv=r20220511&mjsv=m202205120101&ptt=5&saldr=sa&correlator=1535374352917&frm=22&ife=1&pv=2&ga_vid=883222644.1652676588&ga_sid=1652676588&ga_hid=1411087344&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=476710922&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067585%2C31067419&oid=2&pvsid=2808109351545938&pem=84&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.x8z9yepno39q&fsb=1&xpc=hSQ3CGx1w3&p=https%3A//file.adpartner.pro&dtd=436
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 12:29:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
58847
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 May 2023 12:29:02 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F43F 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220511&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6357157020881797&plah=file.adpartner.pro&bust=31067585
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55154c03657d5478aef68ca518d32f31e09699652a527284ddc668112f8271c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 May 2022 04:49:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10414
x-xss-protection
0
background_empty.jpg
file.adpartner.pro/2297/2297845/ Frame F43F 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.adpartner.pro/2297/2297845/background_empty.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_2156640030855472&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2Fbca0a493-1a2c-4e8f-8b0a-59f644495689%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D486e82fc55875f6ef7eba2b7e6177931
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:49 GMT
last-modified
Fri, 03 Dec 2021 11:35:48 GMT
server
nginx
etag
"61aa0114-3439"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
13369
ptrack
a.audrte.com/ Frame FCBB 		368 B
882 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=217.138.196.105&p=M1353665098&artime=2022-05-16T04:49:49.240Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMS81NTQ1M2RlOTdhMTE4Y2U5P2N0PTEmcnVpbWQ9MSZkdT1odHRwcyUzQSUyRiUyRmludi1uZXRzLmFkbWl4ZXIubmV0JTJGYWR4Y20uYXNweCUzRnNzcCUzREQ1NkRDMDlELUMzOUMtNEJENi1CRDczLTAzQ0FCNERBOUM1MCUyNmlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=emRvcm92aWEuY29tLnVhLw==
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.149.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-149-243.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
b4117191090235c6145243855cfe3f96c8caf7b90ee6fdf6626db7e7ba9c1253

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:49 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
265
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6255 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CYCiVnJGE8SlA1osFr4PhHpgA4M9MU_euTfIRf5ljjU4CKJrfUuzpaNgvefVwo9K4skSIGPS8328ODlNR85ly41JH_Z3Rnm8egu8xg5x6ZjTEBfUo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=250&slotname=adpartner_zdorovia.com.ua_970x250_ruslan&adk=865826939&adf=4155820291&pi=t.ma~as.adpartner_zdorovia._&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676588592&bpp=13&bdt=219&idt=329&shv=r20220511&mjsv=m202205100101&ptt=5&saldr=sa&correlator=6069189452853&frm=8&ife=1&pv=2&ga_vid=1967338439.1652676589&ga_sid=1652676589&ga_hid=1940710560&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2416082253&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067545%2C31060048%2C31067419%2C31067526&oid=2&pvsid=2145194115485608&pem=84&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.zpnfrotd5ip&fsb=1&dtd=346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 6255 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=250&slotname=adpartner_zdorovia.com.ua_970x250_ruslan&adk=865826939&adf=4155820291&pi=t.ma~as.adpartner_zdorovia._&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676588592&bpp=13&bdt=219&idt=329&shv=r20220511&mjsv=m202205100101&ptt=5&saldr=sa&correlator=6069189452853&frm=8&ife=1&pv=2&ga_vid=1967338439.1652676589&ga_sid=1652676589&ga_hid=1940710560&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2416082253&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067545%2C31060048%2C31067419%2C31067526&oid=2&pvsid=2145194115485608&pem=84&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.zpnfrotd5ip&fsb=1&dtd=346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 04:49:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6255 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=250&slotname=adpartner_zdorovia.com.ua_970x250_ruslan&adk=865826939&adf=4155820291&pi=t.ma~as.adpartner_zdorovia._&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676588592&bpp=13&bdt=219&idt=329&shv=r20220511&mjsv=m202205100101&ptt=5&saldr=sa&correlator=6069189452853&frm=8&ife=1&pv=2&ga_vid=1967338439.1652676589&ga_sid=1652676589&ga_hid=1940710560&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2416082253&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067545%2C31060048%2C31067419%2C31067526&oid=2&pvsid=2145194115485608&pem=84&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.zpnfrotd5ip&fsb=1&dtd=346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 16 May 2022 04:49:49 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 6255 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=250&slotname=adpartner_zdorovia.com.ua_970x250_ruslan&adk=865826939&adf=4155820291&pi=t.ma~as.adpartner_zdorovia._&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676588592&bpp=13&bdt=219&idt=329&shv=r20220511&mjsv=m202205100101&ptt=5&saldr=sa&correlator=6069189452853&frm=8&ife=1&pv=2&ga_vid=1967338439.1652676589&ga_sid=1652676589&ga_hid=1940710560&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2416082253&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067545%2C31060048%2C31067419%2C31067526&oid=2&pvsid=2145194115485608&pem=84&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.zpnfrotd5ip&fsb=1&dtd=346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:35:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
874
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6412
x-xss-protection
0
server
cafe
etag
1643562372680595834
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 04:35:15 GMT
truncated
/ Frame E1EE 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ae751d52b523973ccb8cbae84382703ae466d0dbdd30ba2e14d8b6a330ea354

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1A61 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1793b0dd0f01ced52eb2062c3f7cae39ffe8684accb6a08b64de9ce9be944a36

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame D7EC 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=600&slotname=adpartner_zdorovia.com.ua_160x600_br_2&adk=4043599776&adf=1045958785&pi=t.ma~as.adpartner_zdorovia._&w=160&lmt=1638531503&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2156640030855472%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fbca0a493-1a2c-4e8f-8b0a-59f644495689%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUyNjc2NTg2LCJzaG93X2lkIjoiYmNhMGE0OTMtMWEyYy00ZThmLThiMGEtNTlmNjQ0NDk1Njg5IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiOTk0ZWZlMDQtZDY1ZS00NzBkLTgwNWUtY2JjY2FjNzc3MGQ3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D486e82fc55875f6ef7eba2b7e6177931&wgl=1&dt=1652676587405&bpp=3&bdt=278&idt=468&shv=r20220511&mjsv=m202205120101&ptt=5&saldr=sa&prev_slotnames=adpartner_zdorovia.com.ua_160x600_br_1&correlator=1535374352917&frm=22&ife=1&pv=1&ga_vid=883222644.1652676588&ga_sid=1652676588&ga_hid=1411087344&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=476710922&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31067585%2C31067419&oid=2&pvsid=2808109351545938&pem=84&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.6i1u7n1h3s4w&fsb=1&xpc=2Q20IaPrbo&p=https%3A//file.adpartner.pro&dtd=476
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 12:29:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
58847
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 May 2023 12:29:02 GMT
4.js
static.adsafeprotected.com/ Frame 74D9
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1002713/62059190/4.js?ias_dspID=3&ias_campId=1007072335&ias_pubId=pub-4577254435597104&ias_chanId=1&ias_placementId=17069351463&bidurl=http://zdorovia.com.ua/&...
  • https://static.adsafeprotected.com/4.js
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1652676588&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587900&bpp=4&bdt=577&idt=185&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&cookie=ID%3D476014c565d1e2f7-227bf61596cd0099%3AT%3D1652676587%3ART%3D1652676587%3AS%3DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1466241595&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=918&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531557%2C44761044%2C31067584%2C21065725&oid=2&pvsid=2971698416934096&pem=550&tmod=276848470&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.v5qe3w52d1t&fsb=1&dtd=199
Protocol
H2
Server
2600:9000:214f:a600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
p602AexzDSbi25TlmSvEq0EreSwEMY5b
content-encoding
gzip
etag
W/"96e16e7453ae2e6952bc6d2a20ea29f7"
age
299898
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Thu, 05 May 2022 17:31:30 GMT
server
AmazonS3
date
Thu, 12 May 2022 17:31:32 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
Xi6E5eUID3U9D_gXFJYTMvaOEsqDFhHSeAoghAKUNI4gVvwbOVIRbA==

Redirect headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
x-server-name
app05.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame B3F8 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1652676588&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587900&bpp=4&bdt=577&idt=185&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&cookie=ID%3D476014c565d1e2f7-227bf61596cd0099%3AT%3D1652676587%3ART%3D1652676587%3AS%3DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1466241595&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=918&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531557%2C44761044%2C31067584%2C21065725&oid=2&pvsid=2971698416934096&pem=550&tmod=276848470&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.v5qe3w52d1t&fsb=1&dtd=199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 02:32:42 GMT
content-encoding
gzip
age
3550628
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
hWXReGnTgBro2BmSMHOYRvxWkHnAv2xVB4SK9UVRXeoKGnAZ-PwoPg==
pixel
googleads.g.doubleclick.net/xbbe/ Frame FAB5 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMYirSayQEwAQ&v=APEucNW7WMUoLnAQqTLl9vj8OLPJxIcPdeC2sKZ9cnlYKlGX7Rf3TxnCUm9JejLijj_pF_cIqkmTuTuDP_g_HKM0934TJqRU7A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=250&slotname=adpartner_zdorovia.com.ua_970x250_ruslan&adk=865826939&adf=4155820291&pi=t.ma~as.adpartner_zdorovia._&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676588592&bpp=13&bdt=219&idt=329&shv=r20220511&mjsv=m202205100101&ptt=5&saldr=sa&correlator=6069189452853&frm=8&ife=1&pv=2&ga_vid=1967338439.1652676589&ga_sid=1652676589&ga_hid=1940710560&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2416082253&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067545%2C31060048%2C31067419%2C31067526&oid=2&pvsid=2145194115485608&pem=84&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.zpnfrotd5ip&fsb=1&dtd=346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=250&slotname=adpartner_zdorovia.com.ua_970x250_ruslan&adk=865826939&adf=4155820291&pi=t.ma~as.adpartner_zdorovia._&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676588592&bpp=13&bdt=219&idt=329&shv=r20220511&mjsv=m202205100101&ptt=5&saldr=sa&correlator=6069189452853&frm=8&ife=1&pv=2&ga_vid=1967338439.1652676589&ga_sid=1652676589&ga_hid=1940710560&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2416082253&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067545%2C31060048%2C31067419%2C31067526&oid=2&pvsid=2145194115485608&pem=84&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.zpnfrotd5ip&fsb=1&dtd=346
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 04:49:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 6255 		83 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkNsyzfc9rTEUh7nrgCbvuMnxeA9pgvkubse3hV4wFXFXzP_ZDw3Prhg-rM0u4XwyWY85Rt6Kj9C58Z5Tnvgm1BIw0ywHz0wYz1aqi7RiZRGYf0uifJ2LCrto6pIxznyKU8moEq3Zw0I3iN6uhenDeLORvCA&dbm_d=AKAmf-DZAwszpwH4kGVz6VmFx-5-xorJGwa4J-tFHJd0k9vUfEvgs46KFvWOpjJRSljn8OIzmYs7wEWGzD9BzHh-RM8Gv7eMx5PF_AVZ51zNeCTe3CfD-Tf2krBn980p3g-T_BmBoH4RMmANwMko43_pXJQ05u90B1zcaZdsP84shfdEOpfAMauSmUoMdJ81p5aZ3Vc0QrjrGRFTRx1PnF0DCGNnCMyGWgnZVbDqHQ0XuHuO4MreQOM5gMwrAGFyaA6tx1e4TVEYYXBEis84rzd6xLLw0fFprwabZXWOGGDVqyNQwHbv6mqh1pcQie5GVoTTaziHrPcQw14L8aSyYPrnEzeIf6wOH972w4P0GAgwj6228pHM5h1iz_9T8AKe9AW8hA3pobfoRzp7fwkalEOGz8hxxwnSKJqOnRhW_j0Pr3vQdyeVM5Tp_0lWmsksYcoh16LnlVn8s4h0mUZlhCQfGNtjnPWKNJGrgVWZQA0lN8Djvq3eYCNG9Q9_ltte4ja0DCpMfx_vat5TXvMGrfWc1dJRHVy3Ctj1keg3ALweZ2DhfWVTgUbMFmAmAaypFadB988lXvgt6JSDHDMFpuCcYSCdAuhH5QfwnzWEEpn1izHYN79pbsCoId1T4Um9ZpmakRyYthW-D_4Vbs_qbFqXHELmERn16nyK2rzRyCNAe6O9TE2zoUrrVqK_JOc4sytR0fAPgkZAfuckcTcw_d06EvgRbDBh7LQz0Hi677k3AmiWSggKPro9IOvtKEoXvqWQccgVEJRJ6deCgyK7Cg1E5m1EHR0EB8l1F29Bth2orjjGaXfNXdjBioI4jRLnlhTMWNUeHmKfnq6HaEsVnW_RR3UNwpstd8ZAq1zMwX1X6ziDIqJJOdh6MOJZ8l9HK1QpTy2hd8UNRnmXDQpEcL2xadS2hmmCaqKCsIxItWBrUmrdmi1GjB7Nxdff5m9DYhRB-PCR_pHBjyTV4yV4vx5ILRRNudiWquAwk1YObdI1mHN-TjasyzwWbfVRDQp1guV0SdUravrm88Cr5emgim2rrHqVQzihefgt4aaXSR7R_ihxPMDCHQ4eavMiLsmd1EXmz1FQiiK_IAeMRY59TqdblruwtGqQXpio8K17J6rHOY3cmmqb30dAt4BVnNNAaCqLWaYFPvOKym3tNVCCbKnHZu_QSSi6MQdw5g6tkYIkDtkQwxk2S2sYBJDczLhpNz1gG2oi1bzO9WMZptqeWz6fiyi6xCEzDZBXlwDvVnnM-138XB0DP4B1wty2v67TEJWCnKpHXu7g2BVqeRiyfSMO-ZReIaAU1c2gMxB6JSA1dBjo8w8LyiVclQwKp_idypNJecbQscKZcJDv3GxTpdNQDuSHQIMYsgPxX-u3xd3G4nosRY20fcDlViZHheRJOXIW9XwZ8xqmQR83g5g0bhxs_PwSFOXxLLkpMZolnIVIECFahgf4iDiRyLBdqr7IrRR1uTFsRlMGICFgi6DuBzTCiY4DOtPOWnV3ylS2Wkpp-uI6IcAJIlVH6vfN0V1fL29SMwEX11Albr_KYke1i568OcBxnfcc8RHZzSV2yr5rEWMNOaRTEPUhbPKvRUCXBAjkH0OXIp231i4xgpYKehx1NA0ZjZh7ENwRAsMuEvpIGLJpgIMNMT1_G67Vt-HCODepAYaPTcxkfQXVvzO467GTsqNyqegKb7ZY3bQtcpH7GCW4rpF-XRh3DUvHcfkIpUpxZM5zj1nsteRNrUUuDwhUT2cKLCacbdZ9CgD2LoWsZ5UztrgL6hNU-jlmkwbqjb_ANLNZx9UlMvTq2Q3cSvAW5RFUxj19OV7ofQCGt0jdPLRCql2lkfNEMYnpWdaGjj2d3Js48BB0VdzEB0KoSc-42izOjZSVIhdq-ofBQaPGdYvLInlKmMNvOsapDe8vS_o-N6BULuTU2rzQSWtkKvCeYq0JDLfENroxY4ymtTMAZ11fc3MZTxyHsJ9pFZYarM4xrfenvSQogmozs3uFwlAEqEYnhJGH7b8jTXBEvvj-BKAfmmARQH6GqCiRY4T6UaZN2fYWQfUlM6RJZgj86GDeMy_fFmzuUnZxyhXjAqQe-T9cDh-QUFuLuEDwTC6keQx-3Q1JXRP6pFyKJGUZ7WzjBylGE9M23bvTzssAQ5x4EI7Bx2CTcHnRxRfvPGdA7CmboAV9W28vnEXYc6GnOMrXbyPkn2Gw66-K3Vop-X0OPA7HtRyMM72eTHMDGzWMPB2-SE9nBw0QUwz2-YzFiD6LuPjHxdT78KZ8nWpw8hA0tH52Twr214bkPOEgAP4hy4FK0-0KD-LXkNw-cuLAZEve14oCAtFcOUgq6lds-jtmTuD9PKnv48ufR3t4bi3-jsFhx5TIqAR_U74sVyN5g71sIbV2ZlLXKtuk6FrDgnF-KT3zcSbdFkj8dgbxDMyDIRURBGY19fR_HZm64q05LAjqwSg-seRSV7178HDbFCWWlLmmjp6EVVShieIiAztr_Ck4FlyQMG-WByqhC5pty_I4tBAzjq6wqsSXQipkPoKcwYymG86PLB7vPg2pdAfV4PBo71ifViiJnwFMXTGNtNYgIVeI1RgKI4_-bydQa-j3LC9q4Pva6p9gOnpFtqIUBdmuT-w-JUCqaqHXuQfSCiFTqj6Qpg56rALFwTPv-3_FafQUPS2wfzQkdzM5Fxtj2AAXcJmXGwCtGAMWSCR_jXi9iRDdPxjkiHgvd9w5gV1z3vanOQC3AbXw0p65afqlk_1GUeI74SzxhuRcIYqNqla632qeC55BWe6_PU8F_88t33m-RKM31SUYA2fpuHOsA4DdubSilA3rKJpIcdKC_Q3kpezrst9loh0BtJC-SAByV0qqoQdR-7Wqh5TIefaZrt4IQe-SOu8L3uQH2gEglTgQCy5vXkmPcX-iqZT4ywvh9ZPUWkEPHuNSngsleaF38kdh8QDMYBPCDcCIIPb5P5KIOwaVP9O80UzGkXyNg3mXqflksz1pj1kKSgYrg8AOLYHRtxMBjhqZFeRq-UFbEQ8O6wsMNf4p2fk8UuqtocZ-6W3bbhzV4L1KYxtqPhvq_2tuWf_11qkDWVpH3hSyp1TImEBAv1m8pnrsJNBiIg6UGEM-a3-hbZkwYzfYagof_WW_VjYXlhXozyo7zZYJr-uGtGUWSmINDpgl8cOTvNCVL6Wp60bFqguxlEl8L3TDW0onTSAXOaZYlOU4Jb1gW_9ccgahgY1eg5Lnd5Ur271kOswmesxjOzQnCotAd_kN-f-iQH8R_MYZPaa87ZEnS7vB62kSKk4FBCf80zwn3y3pYLxRSs-GX7eBcy-U4WVXOfp_ccbx4KxLnfo7oPM4j60in5meIhTbpSo3np1zMthAQ4zJKe5XKU9G1hzbiXQwPDTJ8WpFOLZrABSkq-dFUNlQOkRLPk-pq3-r1AAPLiOBIx-Sjo_HjuQcAAKT87iw1CY1JgWRIfr9wRqSedZwnphXHkJWQ4EcX0qfogT2eyHOr5Ys4mPLef1vCgLFgx6Vixd6dn5BrIhgxBzxRrgecn-Zt7kbfsZ-YfmRlfJxppRO9LB6pGxre2n-bq3Q9KrgH4OTiZfQg9qzbBpknctjJnV0V6HuKfxs_Q&cid=CAASEuRoyxaH5jUixCJ4ln5fhzuDvA&rfl=3%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2C%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=250&slotname=adpartner_zdorovia.com.ua_970x250_ruslan&adk=865826939&adf=4155820291&pi=t.ma~as.adpartner_zdorovia._&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676588592&bpp=13&bdt=219&idt=329&shv=r20220511&mjsv=m202205100101&ptt=5&saldr=sa&correlator=6069189452853&frm=8&ife=1&pv=2&ga_vid=1967338439.1652676589&ga_sid=1652676589&ga_hid=1940710560&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2416082253&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067545%2C31060048%2C31067419%2C31067526&oid=2&pvsid=2145194115485608&pem=84&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.zpnfrotd5ip&fsb=1&dtd=346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
74d8c9fba3a47b3438f4986caeabfdb83e5b2d53a8a43366d5c02793ed6ed503
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=250&slotname=adpartner_zdorovia.com.ua_970x250_ruslan&adk=865826939&adf=4155820291&pi=t.ma~as.adpartner_zdorovia._&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676588592&bpp=13&bdt=219&idt=329&shv=r20220511&mjsv=m202205100101&ptt=5&saldr=sa&correlator=6069189452853&frm=8&ife=1&pv=2&ga_vid=1967338439.1652676589&ga_sid=1652676589&ga_hid=1940710560&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2416082253&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067545%2C31060048%2C31067419%2C31067526&oid=2&pvsid=2145194115485608&pem=84&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.zpnfrotd5ip&fsb=1&dtd=346
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33419
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 74D9 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1652676588&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587900&bpp=4&bdt=577&idt=185&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&cookie=ID%3D476014c565d1e2f7-227bf61596cd0099%3AT%3D1652676587%3ART%3D1652676587%3AS%3DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1466241595&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=918&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531557%2C44761044%2C31067584%2C21065725&oid=2&pvsid=2971698416934096&pem=550&tmod=276848470&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.v5qe3w52d1t&fsb=1&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:40:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47376
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 May 2023 15:40:13 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C116 		1 KB
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1652676588&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587900&bpp=4&bdt=577&idt=185&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&cookie=ID%3D476014c565d1e2f7-227bf61596cd0099%3AT%3D1652676587%3ART%3D1652676587%3AS%3DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1466241595&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=918&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531557%2C44761044%2C31067584%2C21065725&oid=2&pvsid=2971698416934096&pem=550&tmod=276848470&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.v5qe3w52d1t&fsb=1&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
82565
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 05:53:44 GMT
etag
48472445140208031
expires
Mon, 16 May 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F43F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6357157020881797&plah=file.adpartner.pro&bust=31067585
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 16 May 2022 04:49:49 GMT
truncated
/ Frame 74D9 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
004680039f3b8d3966069e3d70f391d300869b58c2162b9c416b0b9b554e7873

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame 74D9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1002713&asId=49966df8-6f11-3c62-a522-8ba0e153234e&tv=%7Bc:cKxV0i,pingTime:-3,time:118,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:300,h:0,t:30%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:118,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:0.0.1600.1200,ac:NaN.NaN.300.0,am:sp,cc:0.0.300.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B113~0%5D,as:%5B113~300.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t5YaxKw+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c13%7C1c21%7C1c22%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g21%7C1g221%7C1g23%7C1g3%7C1g4%7C1h11%7C1h12%7C1h131%7C1h14%7C1h2%7C1h3%7C1i1%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1*.1002713-62059190%7C1j11%7C1j2%7C1j3%7C1k%7C1l%7C1m1%7C1m2%7C1m31%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1j1*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1652676588&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587900&bpp=4&bdt=577&idt=185&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&cookie=ID%3D476014c565d1e2f7-227bf61596cd0099%3AT%3D1652676587%3ART%3D1652676587%3AS%3DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1466241595&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=918&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531557%2C44761044%2C31067584%2C21065725&oid=2&pvsid=2971698416934096&pem=550&tmod=276848470&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.v5qe3w52d1t&fsb=1&dtd=199
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 74D9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1002713&asId=49966df8-6f11-3c62-a522-8ba0e153234e&tv=%7Bc:cKxV0k,pingTime:-6,time:120,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:120,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:0.0.1600.1200,ac:NaN.NaN.300.0,am:sp,cc:0.0.300.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B115~0%5D,as:%5B115~300.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t5YaxKw+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c13%7C1c21%7C1c22%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g21%7C1g221%7C1g23%7C1g3%7C1g4%7C1h11%7C1h12%7C1h131%7C1h14%7C1h2%7C1h3%7C1i1%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1*.1002713-62059190%7C1j11%7C1j2%7C1j3%7C1k%7C1l%7C1m1%7C1m2%7C1m31%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1j1*,rmeas:1,rend:0,renddet:svg.us%7D&tpiLookup=ao:zdorovia.com.ua%2Czdorovia.com.ua&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1652676588&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587900&bpp=4&bdt=577&idt=185&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&cookie=ID%3D476014c565d1e2f7-227bf61596cd0099%3AT%3D1652676587%3ART%3D1652676587%3AS%3DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1466241595&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=918&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531557%2C44761044%2C31067584%2C21065725&oid=2&pvsid=2971698416934096&pem=550&tmod=276848470&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.v5qe3w52d1t&fsb=1&dtd=199
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
p
a.audrte.com/ Frame FCBB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3lgGzTh9LMoTqeLEeOjAAfUzw&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3lgGzTh9LMoTqeLEeOjAAfUzw&gdpr=0&gdpr_consent=&google_gid=CAESEPgRzG0uQqZtaLRezPkhtN4&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
52.71.149.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-149-243.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:49 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 16 May 2022 04:49:49 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
match
ps.eyeota.net/ Frame FCBB
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8624539296363438648
  • https://ps.eyeota.net/match?bid=kh51m51&uid=3lgGzTh9LMoTqeLEeOjAAfUzw&gdpr=0&gdpr_consent=
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=3lgGzTh9LMoTqeLEeOjAAfUzw&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:49 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Mon, 16 May 2022 04:49:49 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=3lgGzTh9LMoTqeLEeOjAAfUzw&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame FCBB 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=3lgGzTh9LMoTqeLEeOjAAfUzw&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:49 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
dt
dt.adsafeprotected.com/ Frame C118 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=970282&asId=cf241038-dfaa-c8fb-fbbb-3077749aa256&tv=%7Bc:cKxV1J,pingTime:-10,time:859,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000002002220000022220200000222200022020002022022022222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022202220020222202000220000222202222202222000002002002222222202220022202200022002220202202,asp:1652676589479%7C%7C70b76f54bc624ddc3fa7053d636db945%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C21cacb71f2856707ff968afd78ec7dc9%7C%7C710434a0cc49e0083c5950293dd1a253%7C%7Ce49849d6a73442c48b18a08a9aa99142%7C%7C003d4da797a8604e5ef461844f9807fe%7C%7Cbf0889e3c6e348c13c7c9a06d97ce7f5%7C%7C1629390669,im:%7Bimprf:%7Bttecl:814,ecd:284,tsecr:112%7D%7D%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 74D9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1002713&asId=49966df8-6f11-3c62-a522-8ba0e153234e&tv=%7Bc:cKxV2e,pingTime:-2,time:238,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1171,beZ:1172,mfA:1173,cmA:1175,inA:1175,inZ:1179,prA:1179,prZ:1197,si:1203,poA:1203,poZ:1222,cmZ:1222,mfZ:1222,loA:1291,loZ:1295,ltA:1409,ltZ:1409%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:300,h:0,t:30%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:238,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:0.0.1600.1200,ac:NaN.NaN.300.0,am:sp,cc:0.0.300.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B233~0%5D,as:%5B233~300.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t5YaxA0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c13%7C1c21%7C1c22%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2.970282-61278885%7C1g21%7C1g221%7C1g23%7C1g3%7C1g4%7C1h11%7C1h12%7C1h131%7C1h14%7C1h2%7C1h3%7C1i1%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1*.1002713-62059190%7C1j11%7C1j2%7C1j3%7C1k%7C1l%7C1m1%7C1m2%7C1m31%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1j1*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:svg.us,sinceFw:205,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1652676588&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587900&bpp=4&bdt=577&idt=185&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&cookie=ID%3D476014c565d1e2f7-227bf61596cd0099%3AT%3D1652676587%3ART%3D1652676587%3AS%3DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1466241595&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=918&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531557%2C44761044%2C31067584%2C21065725&oid=2&pvsid=2971698416934096&pem=550&tmod=276848470&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.v5qe3w52d1t&fsb=1&dtd=199
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
index.html
s0.2mdn.net/6527551/1651227802756/ Frame 8976 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/6527551/1651227802756/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff27eb300eb2d10c0f724374f9789b12d0d19606dd56b8a1018f138fe3bfcbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
940
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
1855
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 04:34:09 GMT
expires
Tue, 17 May 2022 04:34:09 GMT
last-modified
Fri, 29 Apr 2022 10:23:22 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 74D9 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvNSCFnS_4d_D2UkIX0tbtnc8MM_8cybV04CVtoCLpmFck6T1rR-JU_-cMsNDEP4qgSRMduN-CjB69fZkQlzktrCEMW4VuKlN_UR7AIRpyz1wHf2BdbRfLxawqnWuWM7U47UW0AsvpSKqUN6mufK2AFkUm_SAQY6z1E-Ze9YQMGqDfZglyICV7A3XMr8sTuwd00KuAGKAo1fyepvy_pi6jc6Sgcx-Lpo6OlIZeaDKQqLQlxlrhBXt70oD60wD6VEXEM0Txb1fsKvq357Rn5LOyyGJ8_yPDotXFwVMh7mYMfkgERKVllq3McjQjufOKd3Yag8dXHhljTiitSEIFBbF_8ASDXpA4BqEpsJN60XhJuxPNK0xpkdi1fFlE6aBTFcU_R3ZoQ7xXMzrbUNaHJExcdIiCKBUg1izRT03zPje1D_1A6A6i5UawmBkd4rkFsuM0PEDl4Wz21wpXaPz9Gu1chEVrG1_SkZ0cvkIigoYr-lljnT6AN79mHThTAaMcbOX_ewCIPZOLriz92fyj8DY40x8lC1wCCmzSuEGwpaZRi47ek8zWl8xEhzZOihB6cICXWXdeKs3naDH49H1cFPc4QW_JYU5khvkc9o7LjCIKITsMZGt-CORi85tOBo3VFJ2-YnQx4jrY_aO6f3T4CLAMhvnS0REdd-ycTzQKAA-ZOicV9NJZU2fC2KEsfKe12RB2lXUQ4bpUtfutYwysLhfE-Y0a7Rv8vZsk5ed61cVCU93cE9DENRWfH56dujU7Gky79WwaM4GLrQYw8FhKNTane2b7_W1P2vvog7Sm8QWXQ2b2NxTOwLMFEGc15SgJyGCKW2xAAy0AHwsveHhjkC9XPOl7iU-_R2CXTqIPCsjrYDhkQEWnp6AYYR4f_xY4y2vHG7UuHd1q5GrQxJjehjY0n8lAZaV5otTiS3I-aNuIvBq_6uIUBLN2rxhF1Y81eWDLG7YDadsKRchQ48w015eHHHCZGx-E25BCY4av1ue7MR8H4b7vQ94TbZ63vdl6AEHvJPODkcnAKP-AwGj7s6QSL2ne0jDDW0m-enLSVM6yWcscKWKz0Zl2bLzMn74tbF-_YoFHFwxdEly_cWEe4xqL79RaQN-s9OmI9g4hEvekb3wwaw5tMAo_1KnTrrFAnP8EXtl6Z8j1HJfaW9Jlbt-AD1BJ7UoSbLVIhdJSigNqUH-jpVnzGPQhHHM-G2u3Z_diRF8BHQnthHsywkrHn6BbG4eWsuQAGokq1Q0ptGG6wSraa&sai=AMfl-YRrkvgjeu9HP0uimURf-MUyCif3g20pbLs6ZWaWguYpZzsE4YFEvoRTmEXiQZv_OfgkBI4O5Lvuhsu0EGUHMOihmz9SHIOQ623CuPweL2r6vES8wOpaupteAdrZEWpHzPB595q-e83MPPVgd_AuwCXcoPIHKlTlTqL0DooyiRiMc3zoSb0Wkfg9fmWsbne2ZGh9HOXUzzs7m-hqWfOxOV8t69hSZ5NvCQ3fg47e4XVFvQ&sig=Cg0ArKJSzFWpEPDhAvjvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=396&cbvp=1&cstd=394&cisv=r20220511.26636&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 16 May 2022 04:49:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 23FE
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=01e7b9bea623d048747be6e8e...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YoHX6pnKchycMLvXJupRmwAA%26648
49 B
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YoHX6pnKchycMLvXJupRmwAA%26648
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.192.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-192-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:50 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YoHX6pnKchycMLvXJupRmwAA%26648
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
309
Expires
Mon, 16 May 2022 04:49:49 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame C118 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:40:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47377
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 16 May 2022 15:40:12 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame C118 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N3643.3325855MIQ/B27340694.330085819;dc_ver=88.258;sz=728x90;u_sd=1;dc_adk=2659756132;ord=ge7ma5;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXVqH69eBYrT4NtOmgAfj3IOgCpX6xflp-pi1lu0P8YPWna8lEAEgrOT2CGC7hoCA0AqgAc_DuNYByAEJqQIv4D3dqpK0PqgDAaoE7gFP0N6dBJil0SLGnsow5p8h3CQ1BrpTUQhYyOR-EPbBgLBjWm51ptU6ZJEevKjtopX1c6Yl3nZOmDl3ahuNRVieuW9-UoQDY9m59fIJWaa9BV9CobQ6r9-2UM5gFN600hFyAI8HWjNsE5-PtG6cPsB9NleNo6_uDhuwaSI5kIo6lpx4RQOAUNWeNget1KQED0j6NIMF9m5GlOffG2I63_3Y_IOPDRJKPkrcAVIUz5dwOzzY-q0jIvO0pBGATFQaeGhVY6O3F9AlHOlZZCQRAo6OZ9rvhXz2SNezXgjMpdwtlcgN6XVFufTPo1J-leBowASZjvDd_APgBAOQBgGgBk2AB5m8x6kCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoBmAsByAsBgAwBsBPX9Y4P0BMA2BMM2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRop17jxul3w6_7yIPjq8WlpQ%26sig%3DAOD64_3e1TDSz85RDfiapVS3gsgOIngTEg%26client%3Dca-pub-4577254435597104%26dbm_c%3DAKAmf-CmrVknRdYmHuXYno-Ga7EpMGPK_2JycUNDbloR_MBkhBMhwzOR4ZRr29_wa3V4BW0N4ZiKohVACN6bv0UVwPHwDaktvYf_N-gcU4JHERW8nzPraaZ9b-UP5ON17nLde3pbZwfr5byi82cwd6fB9Et0kWAdbw%26cry%3D1%26dbm_d%3DAKAmf-AEvPZkicbw67jRbm_-EWdNODRfbpO9hFiwt3ns21bbnWvebQcEqkudYy3R-bAmal1WR8hT1n2hfGPnyiBz07rQkKZOu8f3I6jriRjH4hFFixselxJEdtL0eOtCO1_XYX7alg02OaMB5QOOLSlYQutheT499nUkk4LXhGPfgTThO3qAXNyNFXMfVp-J8QKxQAaG7zSdXUheqXJdx5lHtOsNOuH-Y-HbOOOXymIV1t-_mDlXijBlxenbzqf0sdcCAy56SPvzpcePNhDQh7i32ySEpRiybQnX6RrgBxhK59_9zdegPwHuzBBStoBPJ248Q14cU4eQuNkIrmbZfU5svOXcz_IteMT0OUtJYO167bBwxUyI9Oa8lTk28NINDzuB0ORZ3vQvo6Y5WRjoEKqKxZ-jVJScg2OBK00Orqw2-23c14iIthp5sF8ENhZdndO8cXn3HbJiyvTHMg8owkVHEATmYTjyzzYdjVhfgo0Y8vOD7SRoSt0%26adurl%3D;dc_rfl=2,http%3A%2F%2Fzdorovia.com.ua$2,http%3A%2F%2Fzdorovia.com.ua%2F$0;xdt=1;crlt=IVzS*_PWL7;stc=1;sttr=108;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:45:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 04:45:56 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C118 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:40:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47376
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 May 2023 15:40:13 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 6255 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 02:50:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7136
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 02:50:53 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame 6255 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkNsyzfc9rTEUh7nrgCbvuMnxeA9pgvkubse3hV4wFXFXzP_ZDw3Prhg-rM0u4XwyWY85Rt6Kj9C58Z5Tnvgm1BIw0ywHz0wYz1aqi7RiZRGYf0uifJ2LCrto6pIxznyKU8moEq3Zw0I3iN6uhenDeLORvCA&dbm_d=AKAmf-DZAwszpwH4kGVz6VmFx-5-xorJGwa4J-tFHJd0k9vUfEvgs46KFvWOpjJRSljn8OIzmYs7wEWGzD9BzHh-RM8Gv7eMx5PF_AVZ51zNeCTe3CfD-Tf2krBn980p3g-T_BmBoH4RMmANwMko43_pXJQ05u90B1zcaZdsP84shfdEOpfAMauSmUoMdJ81p5aZ3Vc0QrjrGRFTRx1PnF0DCGNnCMyGWgnZVbDqHQ0XuHuO4MreQOM5gMwrAGFyaA6tx1e4TVEYYXBEis84rzd6xLLw0fFprwabZXWOGGDVqyNQwHbv6mqh1pcQie5GVoTTaziHrPcQw14L8aSyYPrnEzeIf6wOH972w4P0GAgwj6228pHM5h1iz_9T8AKe9AW8hA3pobfoRzp7fwkalEOGz8hxxwnSKJqOnRhW_j0Pr3vQdyeVM5Tp_0lWmsksYcoh16LnlVn8s4h0mUZlhCQfGNtjnPWKNJGrgVWZQA0lN8Djvq3eYCNG9Q9_ltte4ja0DCpMfx_vat5TXvMGrfWc1dJRHVy3Ctj1keg3ALweZ2DhfWVTgUbMFmAmAaypFadB988lXvgt6JSDHDMFpuCcYSCdAuhH5QfwnzWEEpn1izHYN79pbsCoId1T4Um9ZpmakRyYthW-D_4Vbs_qbFqXHELmERn16nyK2rzRyCNAe6O9TE2zoUrrVqK_JOc4sytR0fAPgkZAfuckcTcw_d06EvgRbDBh7LQz0Hi677k3AmiWSggKPro9IOvtKEoXvqWQccgVEJRJ6deCgyK7Cg1E5m1EHR0EB8l1F29Bth2orjjGaXfNXdjBioI4jRLnlhTMWNUeHmKfnq6HaEsVnW_RR3UNwpstd8ZAq1zMwX1X6ziDIqJJOdh6MOJZ8l9HK1QpTy2hd8UNRnmXDQpEcL2xadS2hmmCaqKCsIxItWBrUmrdmi1GjB7Nxdff5m9DYhRB-PCR_pHBjyTV4yV4vx5ILRRNudiWquAwk1YObdI1mHN-TjasyzwWbfVRDQp1guV0SdUravrm88Cr5emgim2rrHqVQzihefgt4aaXSR7R_ihxPMDCHQ4eavMiLsmd1EXmz1FQiiK_IAeMRY59TqdblruwtGqQXpio8K17J6rHOY3cmmqb30dAt4BVnNNAaCqLWaYFPvOKym3tNVCCbKnHZu_QSSi6MQdw5g6tkYIkDtkQwxk2S2sYBJDczLhpNz1gG2oi1bzO9WMZptqeWz6fiyi6xCEzDZBXlwDvVnnM-138XB0DP4B1wty2v67TEJWCnKpHXu7g2BVqeRiyfSMO-ZReIaAU1c2gMxB6JSA1dBjo8w8LyiVclQwKp_idypNJecbQscKZcJDv3GxTpdNQDuSHQIMYsgPxX-u3xd3G4nosRY20fcDlViZHheRJOXIW9XwZ8xqmQR83g5g0bhxs_PwSFOXxLLkpMZolnIVIECFahgf4iDiRyLBdqr7IrRR1uTFsRlMGICFgi6DuBzTCiY4DOtPOWnV3ylS2Wkpp-uI6IcAJIlVH6vfN0V1fL29SMwEX11Albr_KYke1i568OcBxnfcc8RHZzSV2yr5rEWMNOaRTEPUhbPKvRUCXBAjkH0OXIp231i4xgpYKehx1NA0ZjZh7ENwRAsMuEvpIGLJpgIMNMT1_G67Vt-HCODepAYaPTcxkfQXVvzO467GTsqNyqegKb7ZY3bQtcpH7GCW4rpF-XRh3DUvHcfkIpUpxZM5zj1nsteRNrUUuDwhUT2cKLCacbdZ9CgD2LoWsZ5UztrgL6hNU-jlmkwbqjb_ANLNZx9UlMvTq2Q3cSvAW5RFUxj19OV7ofQCGt0jdPLRCql2lkfNEMYnpWdaGjj2d3Js48BB0VdzEB0KoSc-42izOjZSVIhdq-ofBQaPGdYvLInlKmMNvOsapDe8vS_o-N6BULuTU2rzQSWtkKvCeYq0JDLfENroxY4ymtTMAZ11fc3MZTxyHsJ9pFZYarM4xrfenvSQogmozs3uFwlAEqEYnhJGH7b8jTXBEvvj-BKAfmmARQH6GqCiRY4T6UaZN2fYWQfUlM6RJZgj86GDeMy_fFmzuUnZxyhXjAqQe-T9cDh-QUFuLuEDwTC6keQx-3Q1JXRP6pFyKJGUZ7WzjBylGE9M23bvTzssAQ5x4EI7Bx2CTcHnRxRfvPGdA7CmboAV9W28vnEXYc6GnOMrXbyPkn2Gw66-K3Vop-X0OPA7HtRyMM72eTHMDGzWMPB2-SE9nBw0QUwz2-YzFiD6LuPjHxdT78KZ8nWpw8hA0tH52Twr214bkPOEgAP4hy4FK0-0KD-LXkNw-cuLAZEve14oCAtFcOUgq6lds-jtmTuD9PKnv48ufR3t4bi3-jsFhx5TIqAR_U74sVyN5g71sIbV2ZlLXKtuk6FrDgnF-KT3zcSbdFkj8dgbxDMyDIRURBGY19fR_HZm64q05LAjqwSg-seRSV7178HDbFCWWlLmmjp6EVVShieIiAztr_Ck4FlyQMG-WByqhC5pty_I4tBAzjq6wqsSXQipkPoKcwYymG86PLB7vPg2pdAfV4PBo71ifViiJnwFMXTGNtNYgIVeI1RgKI4_-bydQa-j3LC9q4Pva6p9gOnpFtqIUBdmuT-w-JUCqaqHXuQfSCiFTqj6Qpg56rALFwTPv-3_FafQUPS2wfzQkdzM5Fxtj2AAXcJmXGwCtGAMWSCR_jXi9iRDdPxjkiHgvd9w5gV1z3vanOQC3AbXw0p65afqlk_1GUeI74SzxhuRcIYqNqla632qeC55BWe6_PU8F_88t33m-RKM31SUYA2fpuHOsA4DdubSilA3rKJpIcdKC_Q3kpezrst9loh0BtJC-SAByV0qqoQdR-7Wqh5TIefaZrt4IQe-SOu8L3uQH2gEglTgQCy5vXkmPcX-iqZT4ywvh9ZPUWkEPHuNSngsleaF38kdh8QDMYBPCDcCIIPb5P5KIOwaVP9O80UzGkXyNg3mXqflksz1pj1kKSgYrg8AOLYHRtxMBjhqZFeRq-UFbEQ8O6wsMNf4p2fk8UuqtocZ-6W3bbhzV4L1KYxtqPhvq_2tuWf_11qkDWVpH3hSyp1TImEBAv1m8pnrsJNBiIg6UGEM-a3-hbZkwYzfYagof_WW_VjYXlhXozyo7zZYJr-uGtGUWSmINDpgl8cOTvNCVL6Wp60bFqguxlEl8L3TDW0onTSAXOaZYlOU4Jb1gW_9ccgahgY1eg5Lnd5Ur271kOswmesxjOzQnCotAd_kN-f-iQH8R_MYZPaa87ZEnS7vB62kSKk4FBCf80zwn3y3pYLxRSs-GX7eBcy-U4WVXOfp_ccbx4KxLnfo7oPM4j60in5meIhTbpSo3np1zMthAQ4zJKe5XKU9G1hzbiXQwPDTJ8WpFOLZrABSkq-dFUNlQOkRLPk-pq3-r1AAPLiOBIx-Sjo_HjuQcAAKT87iw1CY1JgWRIfr9wRqSedZwnphXHkJWQ4EcX0qfogT2eyHOr5Ys4mPLef1vCgLFgx6Vixd6dn5BrIhgxBzxRrgecn-Zt7kbfsZ-YfmRlfJxppRO9LB6pGxre2n-bq3Q9KrgH4OTiZfQg9qzbBpknctjJnV0V6HuKfxs_Q&cid=CAASEuRoyxaH5jUixCJ4ln5fhzuDvA&rfl=3%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2C%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:45:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 04:45:56 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 6255 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkNsyzfc9rTEUh7nrgCbvuMnxeA9pgvkubse3hV4wFXFXzP_ZDw3Prhg-rM0u4XwyWY85Rt6Kj9C58Z5Tnvgm1BIw0ywHz0wYz1aqi7RiZRGYf0uifJ2LCrto6pIxznyKU8moEq3Zw0I3iN6uhenDeLORvCA&dbm_d=AKAmf-DZAwszpwH4kGVz6VmFx-5-xorJGwa4J-tFHJd0k9vUfEvgs46KFvWOpjJRSljn8OIzmYs7wEWGzD9BzHh-RM8Gv7eMx5PF_AVZ51zNeCTe3CfD-Tf2krBn980p3g-T_BmBoH4RMmANwMko43_pXJQ05u90B1zcaZdsP84shfdEOpfAMauSmUoMdJ81p5aZ3Vc0QrjrGRFTRx1PnF0DCGNnCMyGWgnZVbDqHQ0XuHuO4MreQOM5gMwrAGFyaA6tx1e4TVEYYXBEis84rzd6xLLw0fFprwabZXWOGGDVqyNQwHbv6mqh1pcQie5GVoTTaziHrPcQw14L8aSyYPrnEzeIf6wOH972w4P0GAgwj6228pHM5h1iz_9T8AKe9AW8hA3pobfoRzp7fwkalEOGz8hxxwnSKJqOnRhW_j0Pr3vQdyeVM5Tp_0lWmsksYcoh16LnlVn8s4h0mUZlhCQfGNtjnPWKNJGrgVWZQA0lN8Djvq3eYCNG9Q9_ltte4ja0DCpMfx_vat5TXvMGrfWc1dJRHVy3Ctj1keg3ALweZ2DhfWVTgUbMFmAmAaypFadB988lXvgt6JSDHDMFpuCcYSCdAuhH5QfwnzWEEpn1izHYN79pbsCoId1T4Um9ZpmakRyYthW-D_4Vbs_qbFqXHELmERn16nyK2rzRyCNAe6O9TE2zoUrrVqK_JOc4sytR0fAPgkZAfuckcTcw_d06EvgRbDBh7LQz0Hi677k3AmiWSggKPro9IOvtKEoXvqWQccgVEJRJ6deCgyK7Cg1E5m1EHR0EB8l1F29Bth2orjjGaXfNXdjBioI4jRLnlhTMWNUeHmKfnq6HaEsVnW_RR3UNwpstd8ZAq1zMwX1X6ziDIqJJOdh6MOJZ8l9HK1QpTy2hd8UNRnmXDQpEcL2xadS2hmmCaqKCsIxItWBrUmrdmi1GjB7Nxdff5m9DYhRB-PCR_pHBjyTV4yV4vx5ILRRNudiWquAwk1YObdI1mHN-TjasyzwWbfVRDQp1guV0SdUravrm88Cr5emgim2rrHqVQzihefgt4aaXSR7R_ihxPMDCHQ4eavMiLsmd1EXmz1FQiiK_IAeMRY59TqdblruwtGqQXpio8K17J6rHOY3cmmqb30dAt4BVnNNAaCqLWaYFPvOKym3tNVCCbKnHZu_QSSi6MQdw5g6tkYIkDtkQwxk2S2sYBJDczLhpNz1gG2oi1bzO9WMZptqeWz6fiyi6xCEzDZBXlwDvVnnM-138XB0DP4B1wty2v67TEJWCnKpHXu7g2BVqeRiyfSMO-ZReIaAU1c2gMxB6JSA1dBjo8w8LyiVclQwKp_idypNJecbQscKZcJDv3GxTpdNQDuSHQIMYsgPxX-u3xd3G4nosRY20fcDlViZHheRJOXIW9XwZ8xqmQR83g5g0bhxs_PwSFOXxLLkpMZolnIVIECFahgf4iDiRyLBdqr7IrRR1uTFsRlMGICFgi6DuBzTCiY4DOtPOWnV3ylS2Wkpp-uI6IcAJIlVH6vfN0V1fL29SMwEX11Albr_KYke1i568OcBxnfcc8RHZzSV2yr5rEWMNOaRTEPUhbPKvRUCXBAjkH0OXIp231i4xgpYKehx1NA0ZjZh7ENwRAsMuEvpIGLJpgIMNMT1_G67Vt-HCODepAYaPTcxkfQXVvzO467GTsqNyqegKb7ZY3bQtcpH7GCW4rpF-XRh3DUvHcfkIpUpxZM5zj1nsteRNrUUuDwhUT2cKLCacbdZ9CgD2LoWsZ5UztrgL6hNU-jlmkwbqjb_ANLNZx9UlMvTq2Q3cSvAW5RFUxj19OV7ofQCGt0jdPLRCql2lkfNEMYnpWdaGjj2d3Js48BB0VdzEB0KoSc-42izOjZSVIhdq-ofBQaPGdYvLInlKmMNvOsapDe8vS_o-N6BULuTU2rzQSWtkKvCeYq0JDLfENroxY4ymtTMAZ11fc3MZTxyHsJ9pFZYarM4xrfenvSQogmozs3uFwlAEqEYnhJGH7b8jTXBEvvj-BKAfmmARQH6GqCiRY4T6UaZN2fYWQfUlM6RJZgj86GDeMy_fFmzuUnZxyhXjAqQe-T9cDh-QUFuLuEDwTC6keQx-3Q1JXRP6pFyKJGUZ7WzjBylGE9M23bvTzssAQ5x4EI7Bx2CTcHnRxRfvPGdA7CmboAV9W28vnEXYc6GnOMrXbyPkn2Gw66-K3Vop-X0OPA7HtRyMM72eTHMDGzWMPB2-SE9nBw0QUwz2-YzFiD6LuPjHxdT78KZ8nWpw8hA0tH52Twr214bkPOEgAP4hy4FK0-0KD-LXkNw-cuLAZEve14oCAtFcOUgq6lds-jtmTuD9PKnv48ufR3t4bi3-jsFhx5TIqAR_U74sVyN5g71sIbV2ZlLXKtuk6FrDgnF-KT3zcSbdFkj8dgbxDMyDIRURBGY19fR_HZm64q05LAjqwSg-seRSV7178HDbFCWWlLmmjp6EVVShieIiAztr_Ck4FlyQMG-WByqhC5pty_I4tBAzjq6wqsSXQipkPoKcwYymG86PLB7vPg2pdAfV4PBo71ifViiJnwFMXTGNtNYgIVeI1RgKI4_-bydQa-j3LC9q4Pva6p9gOnpFtqIUBdmuT-w-JUCqaqHXuQfSCiFTqj6Qpg56rALFwTPv-3_FafQUPS2wfzQkdzM5Fxtj2AAXcJmXGwCtGAMWSCR_jXi9iRDdPxjkiHgvd9w5gV1z3vanOQC3AbXw0p65afqlk_1GUeI74SzxhuRcIYqNqla632qeC55BWe6_PU8F_88t33m-RKM31SUYA2fpuHOsA4DdubSilA3rKJpIcdKC_Q3kpezrst9loh0BtJC-SAByV0qqoQdR-7Wqh5TIefaZrt4IQe-SOu8L3uQH2gEglTgQCy5vXkmPcX-iqZT4ywvh9ZPUWkEPHuNSngsleaF38kdh8QDMYBPCDcCIIPb5P5KIOwaVP9O80UzGkXyNg3mXqflksz1pj1kKSgYrg8AOLYHRtxMBjhqZFeRq-UFbEQ8O6wsMNf4p2fk8UuqtocZ-6W3bbhzV4L1KYxtqPhvq_2tuWf_11qkDWVpH3hSyp1TImEBAv1m8pnrsJNBiIg6UGEM-a3-hbZkwYzfYagof_WW_VjYXlhXozyo7zZYJr-uGtGUWSmINDpgl8cOTvNCVL6Wp60bFqguxlEl8L3TDW0onTSAXOaZYlOU4Jb1gW_9ccgahgY1eg5Lnd5Ur271kOswmesxjOzQnCotAd_kN-f-iQH8R_MYZPaa87ZEnS7vB62kSKk4FBCf80zwn3y3pYLxRSs-GX7eBcy-U4WVXOfp_ccbx4KxLnfo7oPM4j60in5meIhTbpSo3np1zMthAQ4zJKe5XKU9G1hzbiXQwPDTJ8WpFOLZrABSkq-dFUNlQOkRLPk-pq3-r1AAPLiOBIx-Sjo_HjuQcAAKT87iw1CY1JgWRIfr9wRqSedZwnphXHkJWQ4EcX0qfogT2eyHOr5Ys4mPLef1vCgLFgx6Vixd6dn5BrIhgxBzxRrgecn-Zt7kbfsZ-YfmRlfJxppRO9LB6pGxre2n-bq3Q9KrgH4OTiZfQg9qzbBpknctjJnV0V6HuKfxs_Q&cid=CAASEuRoyxaH5jUixCJ4ln5fhzuDvA&rfl=3%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2C%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9773
x-xss-protection
0
server
cafe
etag
14407402762925951128
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 04:49:32 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 892B 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvwIp3Ws2n_pS7cWr-uaaoVyNyTaL67dsOMw0jrPVRo0h8-ts-vgP7M2oPV7bNTJyw2U9JjUHqAFYOJndbE6hK_Qr8m47p3Rw2O-4e6O8foQfEWWChM5v_8SMj7DO2oJwKyqXhK-ocfgdi6yN971YDOHikpRU8CKDPrh_7okP0wed6FFKr-l6JPlzbGIlEUyeBDDYNc5G_VcfSxaBPXWJm4JeCdj6IUpp9kVUpgMyjBSGqCjJNgSME1msJPyrpfECEDNTmtUSfMZUXYlowSCvkd7HC9AEkDDBXcp1SRVFg2RPuXd_01Clx9j6huptDeNvwuwONcaQ91OMJeQGLpGtO_jfLXmzayfMkWNnbnx_o_cHqTE942tVsEbS6_eqEW-4pIqMfZxm1IyuMmWlhFOxLJ80tqF2tWHgwP-sQ3VrdGdqkxDietPX7pDQdKlF_TTmaDgRMY6teGKinDfZTO82Q-YjrpFW1lGric-0b7xqN_3ttb3xbGkIDKZ9M5tCmFOzYtYuAZhMvgaFOFFUM60lhV6jCGB7BUN6CsZay7Uu3BYZqljODiHzrdtmSG4YSzCdNdVl6j1ZOMHvNhFi6e_RsfLpzd_7rdIIrcmoxUm7uhs_znUGoPRWByw1LeTc9CqTK46zx803zCsQTDNki9vgBBUqGXO4xhuJMIT81lCZsQ44hBc2degYH-Dw2Fp9lriBUctMkFkAXa8yP8DX_OG5RUWnsHWZbgoWCdJwdRktyftJr6gOQZB-O3CW0HrlsQ4MY3yzi-wVpl1TkKltNedZPel03ObN8OkSSXmCPQZ2vg_8w6kDiPNsSy7jtr-CdHADSh03Tb5yBp3b2JY0_gPXRHDrrKKq9kszwFt7OrpW86EykgtSRzg_xXusqURFGnEWNUDJLJqCc3y30cuHjJGiqtMovRBbZUwtkOk_Nwq76RuI_luxxYQl9F4BXhzaQSp2PCQGuCuKXqlbUhD5ISGSIa4xT0n0XhyceaMg73EpeyKu5wGKFZyM2oosEj7z2ZYXA7a1V-9h_pjp31OgecGPceeCJKpMIarDDtd899FEPV78ONG8gtkbse8RJwPjFFOzXN24oiXoMYgcrs1vhhBQqglkY9G5nqEAWTS0nohungT0qAsBYtZHwkSuOHNSmKUalZonadX4HmC7nf9Q967oZ4Z8IEW-T09g&sai=AMfl-YSoS6zUMXqRebC-vBuaVC0YAPt20XrOgHDEvXr5AKCKiUBhKlWFMThqbjOiBzFJZzLpVPSG1Srr7n7fgjcYJRuH1HTbTQQCLMOWyGDchmQ4BeDqakqRbIqjxw8llkoqkQmb_cA8MSTG14NJdRsOiope219R9w&sig=Cg0ArKJSzDVK2K6OFGIHEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1368&vt=11&dtpt=880&dett=3&cstd=484&cisv=r20220511.59817&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 May 2022 04:49:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
SPug
simage4.pubmatic.com/AdServer/ Frame 1020 		0
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D269f09d876621f44%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 68A5 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DlOl9V_6olEQigZaS8fsW8Eofl7aTs7NLXac--o28YV8eryIglfNZ0NWWjKbxrtLPQT_FQQgNeued3TM2HKy3dWpIqoz5VJ45ssVlzwbMRUkiNK7s
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=250&slotname=adpartner_zdorovia.com.ua_970x250_ruslan&adk=865826939&adf=4155823868&pi=t.ma~as.adpartner_zdorovia._&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676588981&bpp=11&bdt=367&idt=214&shv=r20220511&mjsv=m202205100101&ptt=5&saldr=sa&correlator=1526208605054&frm=8&ife=1&pv=2&ga_vid=162590607.1652676589&ga_sid=1652676589&ga_hid=248752447&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=920401899&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=466452259210995&pem=84&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.h88f9thdmzw9&fsb=1&dtd=227
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 68A5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=250&slotname=adpartner_zdorovia.com.ua_970x250_ruslan&adk=865826939&adf=4155823868&pi=t.ma~as.adpartner_zdorovia._&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676588981&bpp=11&bdt=367&idt=214&shv=r20220511&mjsv=m202205100101&ptt=5&saldr=sa&correlator=1526208605054&frm=8&ife=1&pv=2&ga_vid=162590607.1652676589&ga_sid=1652676589&ga_hid=248752447&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=920401899&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=466452259210995&pem=84&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.h88f9thdmzw9&fsb=1&dtd=227
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 04:49:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 68A5 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=250&slotname=adpartner_zdorovia.com.ua_970x250_ruslan&adk=865826939&adf=4155823868&pi=t.ma~as.adpartner_zdorovia._&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676588981&bpp=11&bdt=367&idt=214&shv=r20220511&mjsv=m202205100101&ptt=5&saldr=sa&correlator=1526208605054&frm=8&ife=1&pv=2&ga_vid=162590607.1652676589&ga_sid=1652676589&ga_hid=248752447&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=920401899&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=466452259210995&pem=84&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.h88f9thdmzw9&fsb=1&dtd=227
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 16 May 2022 04:49:49 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 68A5 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=250&slotname=adpartner_zdorovia.com.ua_970x250_ruslan&adk=865826939&adf=4155823868&pi=t.ma~as.adpartner_zdorovia._&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676588981&bpp=11&bdt=367&idt=214&shv=r20220511&mjsv=m202205100101&ptt=5&saldr=sa&correlator=1526208605054&frm=8&ife=1&pv=2&ga_vid=162590607.1652676589&ga_sid=1652676589&ga_hid=248752447&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=920401899&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=466452259210995&pem=84&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.h88f9thdmzw9&fsb=1&dtd=227
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:35:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
874
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6412
x-xss-protection
0
server
cafe
etag
1643562372680595834
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 04:35:15 GMT
main.gr.19.8.309.js
static.adsafeprotected.com/ Frame C118 		191 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.309.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10933&advId=17841205&campId=16386003741&pubId=1&chanId=52321546355&placementId=410133277&dealId=549644393847897261&adsafe_par&impId=ABAjH0jEzmqLlgdAC8W71J0zCtzQ&bidurl=http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f2e24b95c962fffb41eede228d0c5c7681cf9bc3dd3ece2440412ec4246d84e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:42:44 GMT
content-encoding
gzip
age
893226
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 05 May 2022 17:31:51 GMT
server
AmazonS3
etag
W/"25d0c2239b60642eaeddad303e621bd4"
vary
Accept-Encoding
x-amz-version-id
mjEd7PtHn1L574wGfHZ2vjRyhTR.v7IU
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
iJiUyNS_l6V2Yuht1QXG1T-Tg4xid1Gadnav5JJo35MxGwtAmwZAmA==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 65F9 		1 KB
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
82565
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 05:53:44 GMT
etag
48472445140208031
expires
Mon, 16 May 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C118 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76a7f8fcc5d46bf01d787daa908b436f1a68f947354700ccdc77e36fa7055de4

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F746 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
34274
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 19:18:35 GMT
expires
Mon, 15 May 2023 19:18:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AD54 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2c8287318ce146c23a8369e98a2f52f222b3f20dc7faa03297c35a51756f8778
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-72jphQdBZljRUrkgjBe2NA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-72jphQdBZljRUrkgjBe2NA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 04:49:49 GMT
expires
Mon, 16 May 2022 04:49:49 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles.css
s0.2mdn.net/6527551/1651227802756/stylesheets/ Frame 8976 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/6527551/1651227802756/stylesheets/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6527551/1651227802756/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6262a1e821ff92a4f9ef1561d4e14b5b0c91a53b38c3a199c04f9dad30af3d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/6527551/1651227802756/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:34:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
932
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1321
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 10:23:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 04:34:17 GMT
photo1.jpg
s0.2mdn.net/6527551/1651227802756/images/ Frame 8976 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/6527551/1651227802756/images/photo1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6527551/1651227802756/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fec2bec90ae85dfa2cf9709cfeda07d619feb599dcadd7de5da610b81d225511
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/6527551/1651227802756/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:34:17 GMT
x-content-type-options
nosniff
age
932
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18642
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 10:23:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 04:34:17 GMT
text_11.svg
s0.2mdn.net/6527551/1651227802756/images/ Frame 8976 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/6527551/1651227802756/images/text_11.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6527551/1651227802756/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa1c905ddd7bd4e078fd6b3cc2241b3a8d05c37f0b68f473d6e6b613520c0ca9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/6527551/1651227802756/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:34:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
931
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3184
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 10:23:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 04:34:18 GMT
text_12.svg
s0.2mdn.net/6527551/1651227802756/images/ Frame 8976 		1 KB
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/6527551/1651227802756/images/text_12.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6527551/1651227802756/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4981d5bde9e219461b01ae95ec2b80d9ba97ff82c745976a36face309839db2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/6527551/1651227802756/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:34:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
931
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
669
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 10:23:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 04:34:18 GMT
text_13.svg
s0.2mdn.net/6527551/1651227802756/images/ Frame 8976 		2 KB
955 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/6527551/1651227802756/images/text_13.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6527551/1651227802756/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb99052048ae65337db0cf788e5025531eff105966ee7b83c7f3bf179e0ef827
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/6527551/1651227802756/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:34:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
932
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
929
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 10:23:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 04:34:18 GMT
logo_flag.svg
s0.2mdn.net/6527551/1651227802756/images/ Frame 8976 		311 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/6527551/1651227802756/images/logo_flag.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6527551/1651227802756/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec699adbd5b88855392bde9c53ffaa03e051eb1642451fc38aa626c8d37546ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/6527551/1651227802756/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:34:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
932
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
229
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 10:23:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 04:34:18 GMT
photo2.jpg
s0.2mdn.net/6527551/1651227802756/images/ Frame 8976 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/6527551/1651227802756/images/photo2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6527551/1651227802756/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63193babfd752ab8554e09654315b13ec81638169aa3e6104ff888f0827f69c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/6527551/1651227802756/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:34:18 GMT
x-content-type-options
nosniff
age
932
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11886
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 10:23:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 04:34:18 GMT
text_21.svg
s0.2mdn.net/6527551/1651227802756/images/ Frame 8976 		11 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/6527551/1651227802756/images/text_21.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6527551/1651227802756/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61e7399c983153584a83d1fd94b2892cb888bd925d82ed60de11825dc2ec198f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/6527551/1651227802756/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:34:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
932
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3519
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 10:23:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 04:34:18 GMT
text_22.svg
s0.2mdn.net/6527551/1651227802756/images/ Frame 8976 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/6527551/1651227802756/images/text_22.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6527551/1651227802756/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71a5c0febababb55318f7f8273866aa2a7a2bb41f48ef829684a6a9d9d6418ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/6527551/1651227802756/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:34:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
932
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1818
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 10:23:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 04:34:18 GMT
text_23.svg
s0.2mdn.net/6527551/1651227802756/images/ Frame 8976 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/6527551/1651227802756/images/text_23.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6527551/1651227802756/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d144cefb4a890e78b34230fd4c92ce912f7d649249f119bf6dce42fa317b293a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/6527551/1651227802756/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:34:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
932
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2156
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 10:23:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 04:34:18 GMT
cta.svg
s0.2mdn.net/6527551/1651227802756/images/ Frame 8976 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/6527551/1651227802756/images/cta.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6527551/1651227802756/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a43c8c4b6be5be943caaff32ba3185a5bf2bd0a06ef0197d953e34cf7dde4270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/6527551/1651227802756/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:34:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
932
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1863
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 10:23:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 04:34:18 GMT
logo_visa.svg
s0.2mdn.net/6527551/1651227802756/images/ Frame 8976 		994 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/6527551/1651227802756/images/logo_visa.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6527551/1651227802756/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad28b4ae5e5197a789d8e214a1f8d0a9a8ea334ed25924a8593a0c5cbefb56d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/6527551/1651227802756/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:34:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
932
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
622
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 10:23:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 04:34:18 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E547 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
47376
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 15:40:13 GMT
expires
Mon, 15 May 2023 15:40:13 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7BE6 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMYirSayQEwAQ&v=APEucNXPbMbBSsR0zkCQ-TFq5BX3u2E9TQHsaSVAd3o5nBK29W-Py1J4PGOZIgst4KYQ1NzZwD80EleBQbdu_Td2li6kd1EXAQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=250&slotname=adpartner_zdorovia.com.ua_970x250_ruslan&adk=865826939&adf=4155823868&pi=t.ma~as.adpartner_zdorovia._&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676588981&bpp=11&bdt=367&idt=214&shv=r20220511&mjsv=m202205100101&ptt=5&saldr=sa&correlator=1526208605054&frm=8&ife=1&pv=2&ga_vid=162590607.1652676589&ga_sid=1652676589&ga_hid=248752447&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=920401899&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=466452259210995&pem=84&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.h88f9thdmzw9&fsb=1&dtd=227
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=250&slotname=adpartner_zdorovia.com.ua_970x250_ruslan&adk=865826939&adf=4155823868&pi=t.ma~as.adpartner_zdorovia._&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676588981&bpp=11&bdt=367&idt=214&shv=r20220511&mjsv=m202205100101&ptt=5&saldr=sa&correlator=1526208605054&frm=8&ife=1&pv=2&ga_vid=162590607.1652676589&ga_sid=1652676589&ga_hid=248752447&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=920401899&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=466452259210995&pem=84&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.h88f9thdmzw9&fsb=1&dtd=227
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 04:49:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 68A5 		83 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-iZr4QFfXLtLWtYhnd6WMk05aEXQSN8s8i53G9036oLaP2ZCDfpsTOWAeRn5AOCycd3GMzqqHnM0So-vCEqJ6OcYdOukn0I6-DdCVkiSQcrmMO6QqbaPAQAlf5TGM_-245Swx3dsJIIcSEpU2BbAgH7GfFA&dbm_d=AKAmf-AjkYYz6ERTOARHYIFKPEsdxosbrMB3eFjXd-c6it_oaRN6Wi5ThwOeFLRJ2Ogt-3974sjKpj_UcRXmk4fMj6cBXSl8AqNHH3CQhC8phYsPzRRcE6WCEO3laJeLVQ43Dg35Ji2fpPSmFBoi_7ZVtqv8F-oMZaClT8Dy-h5MsMfkPiVGjnNfVHmMWnBJ0r-3kxE6kSLpfCR1uXGD4PPs8p8RfzSg4DPm8BEXiWi1PQ9HAIuvNxDoH9w3bxMIsaApyRASR2L-zR_gLy5kcel9C-5iNtu1uUinTcezD-yqXycc249II5GHVM0MvXNpdJafdh9UOKu9ZFByxayQXqLseYLgm-oKv0OKbqoFJl8XnzwFwYJvAge55y0ZoTs1shgArrwEBWaaYGOilKV7e8t9jbqxu0CQ2ad_UKo1rhtLebpjWrycpI79Rk1paUt1aLbvPyDPRRK_o2VUPC2cA_gcU6Smt26KAQpI45Qtr-7lnRp4NIIQ_brNXBJ-FSfiK5bJzVF3KcPACffaMpJLEigIHR4ziWDxBQYF2E8Pxvs4UKSdWBFegKW-PUXm4YeDWujrp07DCaf9NSb73xC6RKHBZLlHDgQDlRctHtit6o5wW9BxJqF4dvmp406fLUtV7dmI-I1y2inAnptpPgh2FO1L032IJfByxQ07dF5EJ3ThfNVsaJcY7FsGjHeXKmlazSQi9EvK0CLz594b2RmPpqCYtZ0id_skizANfip-TDN66SgaOdfr989XWv4E4YtzEwf0MQ9OIQMr-FO6JPf2F7Nf2tqliuOMVYDSEbswPvweFSK_ITEYWf56ejJ5nox2Jd8vea90pJLDopeOEer2yt6HgeQ60Y80nLqm_p9HlIENQ7YgmYPVrb6pA2nN8L7aRNWK9HcXVWb2Zdd6lmQuumqe-t6_B2VpuUmlkuwnscr1iverUP3A1PTemzKNjSaezsLOLE3tom9E282zaTCNJRGBbz9qxNaNUMMgmISAtkFTC4NTiIu6YNedfPa74ISLmbGfe3zE3Ds9TbevSGqyvdhI9KnIV8hvrUs6NK7C8TV8mL_8ty0TZGQD-AzKmVkFN-Agxi3g7whhMIJf2TQG455qDmCUMWjRwquodgIcs_Pahm-sAps_bq7FW5YM8rV1KLeCMYP9PYTO4T1zOaBYjKrGPJZRe3Hj_lkpXUREn9J_rJ_EVUkaE6T5q_fOkcm5Y1w2EvhTscxoW7Knk1Zml85vQvtdxeORJD6brGpmWNlqJdB6mzcYdeDlNSArfatBGB8qm_z_lZdbn6j09y0Vt120IpT1hhUMmOKM1_f-ErNUy56eCxHdPq79w9wcPtCB-CwSnIFOSAUBrbypmGbeM9vpczg1OHWjxRZOTh5lzOSL3zdDAz1x6wch8qXfwU3UrRobqvNErImPYaYLb5itRFSZjxQ9tXULNurmwnfd22PIxQNMJrc6xI2OgxgmyUBgm5IROBHdcIR8Eyq6XhbqmKf3ZV6drRHWafBU-zuCYPfuD9KRUw2jKxijA8K1MlP6UsgWmKRrfd2CFV-5VTQH9TJxmCBoPsX1hWFBXFYnpXFLtG-xQPfSMKFw4aiyAJz2G5wAQD-n-bxpvrGHc88RpsO2dIMhoMZyWET3iMenOxECTzhOVoJhSD_YDGfwi5nD8CezqYqUZQ-lvqKPClUcoPR0NhRGvDJvqLd7aZmPOVa-kao2ojQeMIhUbKWC0O3kFJOEjTSqjaCb37CFiNITOL2pawFzI7-Cc5Tgk0p5Oijqn0fbuPA-o2B82qEMTITwxn1twqa3_FJxboYEgUyAQdohDULrBNmTbwdZBLl-zTTN7PzZHREaPgNmjQ1-SebKhHiaGY9iYZMRaLrOb7StKbYrT72vY6n-MQ1G8JyrN672K_eAxue2hMSGGaPxr6EDDuW_30Sdb-mMHKDaGw-P41Sg_9M9APetxFnHWxwJkAU-n8XKe_M8GVyO0yJFHvcuV0n6Yf46g9oinYcnqQz_VgkB4OPX3iWu5EaNSwb__2dCVWkNb8i76hpqLTvxg1S6lom461xTed9cS_HzV3E096btchEMag6dEkJTa82eS6SQ7nqN3gbMzv8LOiGaHyofFdiDLstDVPaw3u2fLPgtiNJWAs_fRqUrCzaPfiaBqd2TWOupe_NuRC7LBxeHwF2Sqndt2ec6cboz7k0UYTwgnOqgHjZbq5i4YQGiJiNuo7pfgmov_Ksu1W4hsZsMLL182--MYK5VEUcJot2YVpf8JhjwH76zhFdJs5fcKqZEufDvAbNLEtopuBUm-faS6V5e2zxp2o0BVM1TnPynSMIwERBZSPrQqdAER9JXSIbJKV0vFzr9ow1cbnOeATzJuZ4Zfvhd1a3DiSmd7gV1fdeRiwdpmiCSB18t36u_nXITdPVmSbiXVXB-HZ21xsh0Kv92mxUa23jA6TsQopzIiL1ki9tXWIyKpuRtAfHTe_4Dat9jVvUjNN3-7IowRlHjEOXFs9Kgc1pHVsYhecCIqY8rhhfjfio2V9VpFvuXZEIYTQ9eVE9Xq2xO-meaEmeUTtLq0ucqqxKDjvokhSMcNfy7UhUGRsxER_vt-kLfXnXbmX__GpMbgxgefy3pdr86H3sg8H4sKEmaGBjzhPqY04yfIhgYudidv1hAXvuqEovubja2AXoPuTW-jAY_069MElFtA5fhGy1NUd9PE4oLrAl4xhkm0js-kwVvyYXYH_GMDIySKM-zX01uOQ6NiXpm957owbIYhA5KuRU0dCjpBcnOuDaxDV-RoAbOrKEYnoISxp8XGAkxNSh2drnMUBYRoEp5DziqGF3LdGlsBzBrjAumn5ZsiQ3H6GZGhIClaixbSw7VSeRWoconBobL3o-utus5g5Ra1aI2-sMgswIMs3frwbJ9Ls7JLECuGbmPoN9vxwYBmVi370d2zDWjv2nnIMv9isxFMlN4_TNX59Xy3YBaYFM4a9xbrYjnnxZRvMM_HJjQYZ0UzcIbbjio5hUuFUgDT0oTQvtZLmChoKse3-9kEn-vxERqbL8iDEwfHLlL5ap0Lj3lN1ALewj35LCLIaxYZvYG5efErOd4ectQjNjuocPhfC_xCuen1zUIS6DWXL5g3jtMG40j_qJJBmdOHo0CWQi_GL5GZEmK_rbh152wVDc51d1uns4KGbQ8WGVyP_B1umOwJgo-KhUsVKvCNdAkQ0e1132IvU_l4HPFOdIo-WIxU2rcw9Ju3WIn0i-SWZkwJOO4JAa7mYyn5XTVluj_wssRvyBPVKzTC_oUC_Wh2x9b8Z3ZDXkgFmVHj6e9ETMNPtKFZtAEElkvLr7ENmTaOA5csaJIchyQgkUKpNZb-J2mImltpusThD7GbfQyaeVOqtBqiBZ_n0SKEfrVxgBvafJBieqYn6VWXbr49vPTZVEsMYNpDK3zBFWl2Mfk9iRQ-cbGvcD8j_Bn1bvGzURmh5HfbW-Q2MpG6FzcwL5DMUPevr6ijKIL1ulUgkP4rYdZ56yavwZ3QiP01g7YeSm5dNZLRGraNfibHxq40GhAr_8hlIIhTjprsmtBgDA4BjULEUx-9M5YU3T_Qo7J4k3jp2F8xjuMw1wQ&cid=CAASEuRoJxMSYEX9aYUAh7yY9n4Riw&rfl=3%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2C%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=250&slotname=adpartner_zdorovia.com.ua_970x250_ruslan&adk=865826939&adf=4155823868&pi=t.ma~as.adpartner_zdorovia._&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676588981&bpp=11&bdt=367&idt=214&shv=r20220511&mjsv=m202205100101&ptt=5&saldr=sa&correlator=1526208605054&frm=8&ife=1&pv=2&ga_vid=162590607.1652676589&ga_sid=1652676589&ga_hid=248752447&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=920401899&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=466452259210995&pem=84&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.h88f9thdmzw9&fsb=1&dtd=227
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3fa35edd693685d78f7827dd1f8960cf22dbac1edbcc103d07d99bd44312df0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=250&slotname=adpartner_zdorovia.com.ua_970x250_ruslan&adk=865826939&adf=4155823868&pi=t.ma~as.adpartner_zdorovia._&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676588981&bpp=11&bdt=367&idt=214&shv=r20220511&mjsv=m202205100101&ptt=5&saldr=sa&correlator=1526208605054&frm=8&ife=1&pv=2&ga_vid=162590607.1652676589&ga_sid=1652676589&ga_hid=248752447&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=920401899&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=466452259210995&pem=84&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.h88f9thdmzw9&fsb=1&dtd=227
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33389
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C116
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENhZHFvJ5AwRjFL-74npNVw&google_cver=1&google_push=AYg5qPLnVJa_pl0zleXlpshEtk0w7DRzkAL0RamzVn44MwJ8HOejdeQRl7...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLnVJa_pl0zleXlpshEtk0w7DRzkAL0RamzVn44MwJ8HOejdeQRl7qTrf47LO8T0PI5EJqJJoeKjjwVGblfaLU-FjGx-Y3g&google_hm=YLErkZqdm2hE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLnVJa_pl0zleXlpshEtk0w7DRzkAL0RamzVn44MwJ8HOejdeQRl7qTrf47LO8T0PI5EJqJJoeKjjwVGblfaLU-FjGx-Y3g&google_hm=YLErkZqdm2hEB0cVdZBUag
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1652676588&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587900&bpp=4&bdt=577&idt=185&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&cookie=ID%3D476014c565d1e2f7-227bf61596cd0099%3AT%3D1652676587%3ART%3D1652676587%3AS%3DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1466241595&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=918&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531557%2C44761044%2C31067584%2C21065725&oid=2&pvsid=2971698416934096&pem=550&tmod=276848470&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.v5qe3w52d1t&fsb=1&dtd=199
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLnVJa_pl0zleXlpshEtk0w7DRzkAL0RamzVn44MwJ8HOejdeQRl7qTrf47LO8T0PI5EJqJJoeKjjwVGblfaLU-FjGx-Y3g&google_hm=YLErkZqdm2hEB0cVdZBUag
pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame C116 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEI-9U48Bi0IrnHvkPrOUloA&google_push=AYg5qPJE5NyFM6Wk2Jw4ndC26b3ZLrxeyT6movvQgdrM2UZf3zHx3r7xkON-yGGinGQr3X3XChDC3gFpnTOeAatir3J_jwpzLVI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1652676588&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587900&bpp=4&bdt=577&idt=185&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&cookie=ID%3D476014c565d1e2f7-227bf61596cd0099%3AT%3D1652676587%3ART%3D1652676587%3AS%3DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1466241595&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=918&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531557%2C44761044%2C31067584%2C21065725&oid=2&pvsid=2971698416934096&pem=550&tmod=276848470&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.v5qe3w52d1t&fsb=1&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame C116 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEHc14NYZ_ZDHtckqtoVHPRw&google_cver=1&google_push=AYg5qPK6zsKej4xs_dsOmRAD5dmOPIJkNMYiNFVqIEQR-BlLqrVWQOMhLkjdrp5PRpcK9YNDvX0__CT38XEd4UptIu5B1tDC267v
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1652676588&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587900&bpp=4&bdt=577&idt=185&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&cookie=ID%3D476014c565d1e2f7-227bf61596cd0099%3AT%3D1652676587%3ART%3D1652676587%3AS%3DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1466241595&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=918&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531557%2C44761044%2C31067584%2C21065725&oid=2&pvsid=2971698416934096&pem=550&tmod=276848470&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.v5qe3w52d1t&fsb=1&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
1aat9nbmq1fot1dn2k8rv6h150kqomcq
pixel
cm.g.doubleclick.net/ Frame C116
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qKtskJmaT-O37_u-q_Kq1w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qKtskJmaT-O37_u-q_Kq1w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJOPb98SN2RIVFZtzaAjSAZgh9i_XZsda1Pxyo96k1aBL-C7nroEAmW3piOpz8BK4A2oTLvUYxxoW-yz4QXusv5xHuiP8xd
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1652676588&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587900&bpp=4&bdt=577&idt=185&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&cookie=ID%3D476014c565d1e2f7-227bf61596cd0099%3AT%3D1652676587%3ART%3D1652676587%3AS%3DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1466241595&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=918&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531557%2C44761044%2C31067584%2C21065725&oid=2&pvsid=2971698416934096&pem=550&tmod=276848470&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.v5qe3w52d1t&fsb=1&dtd=199
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qKtskJmaT-O37_u-q_Kq1w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJOPb98SN2RIVFZtzaAjSAZgh9i_XZsda1Pxyo96k1aBL-C7nroEAmW3piOpz8BK4A2oTLvUYxxoW-yz4QXusv5xHuiP8xd
date
Mon, 16 May 2022 04:49:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame C116
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBNcpCb-7WYvq3w24Zm6zzI&google_cver=1&google_push=AYg5qPI58dWuqltwydHGG2gZ6W3jpA6Ko1TOk11Fjb8kEsxUR6HEBDr1vDHNkXNdwL9SW9-GRnj...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM4OFlZNDMtMjQtR1FPVA==&google_push=AYg5qPI58dWuqltwydHGG2gZ6W3jpA6Ko1TOk11Fjb8kEsxUR6HEBDr1vDHNkXNdwL9SW9-GRnjORtqlFRXrQHumISneNNepqCq4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM4OFlZNDMtMjQtR1FPVA==&google_push=AYg5qPI58dWuqltwydHGG2gZ6W3jpA6Ko1TOk11Fjb8kEsxUR6HEBDr1vDHNkXNdwL9SW9-GRnjORtqlFRXrQHumISneNNepqCq4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1652676588&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587900&bpp=4&bdt=577&idt=185&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&cookie=ID%3D476014c565d1e2f7-227bf61596cd0099%3AT%3D1652676587%3ART%3D1652676587%3AS%3DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1466241595&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=918&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531557%2C44761044%2C31067584%2C21065725&oid=2&pvsid=2971698416934096&pem=550&tmod=276848470&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.v5qe3w52d1t&fsb=1&dtd=199
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM4OFlZNDMtMjQtR1FPVA==&google_push=AYg5qPI58dWuqltwydHGG2gZ6W3jpA6Ko1TOk11Fjb8kEsxUR6HEBDr1vDHNkXNdwL9SW9-GRnjORtqlFRXrQHumISneNNepqCq4
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
pixel
cm.g.doubleclick.net/ Frame C116
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDPEQ6NPVGW4SsGRdLBBvzc&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoHX6pnKchycMLvXJupRmwAAAogAAAIB&google_cver=1&google_push=AYg5qPIvFkEl7t8W30JzQxYOAdZKprrAWncYRUMZ1-WyAqpT4NoNrPPvpBDrtZaQ5zlxiuZTrdfd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoHX6pnKchycMLvXJupRmwAAAogAAAIB&google_cver=1&google_push=AYg5qPIvFkEl7t8W30JzQxYOAdZKprrAWncYRUMZ1-WyAqpT4NoNrPPvpBDrtZaQ5zlxiuZTrdfdfIP1td8K2GkV5XfDEh4BK-bv&google_gid=CAESEDPEQ6NPVGW4SsGRdLBBvzc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1652676588&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587900&bpp=4&bdt=577&idt=185&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&cookie=ID%3D476014c565d1e2f7-227bf61596cd0099%3AT%3D1652676587%3ART%3D1652676587%3AS%3DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1466241595&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=918&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531557%2C44761044%2C31067584%2C21065725&oid=2&pvsid=2971698416934096&pem=550&tmod=276848470&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.v5qe3w52d1t&fsb=1&dtd=199
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoHX6pnKchycMLvXJupRmwAAAogAAAIB&google_cver=1&google_push=AYg5qPIvFkEl7t8W30JzQxYOAdZKprrAWncYRUMZ1-WyAqpT4NoNrPPvpBDrtZaQ5zlxiuZTrdfdfIP1td8K2GkV5XfDEh4BK-bv&google_gid=CAESEDPEQ6NPVGW4SsGRdLBBvzc
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
460
Expires
Mon, 16 May 2022 04:49:49 GMT
googleredir
googlecm.hit.gemius.pl/ Frame C116 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame C116 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I_wP92jc_Rs2FcD6MwVyT1d3XHUJkqlD6P7yEIWrOfOJcPLEBiqju6W8xTbE-gGmnukW6NNA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1652676588&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587900&bpp=4&bdt=577&idt=185&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&cookie=ID%3D476014c565d1e2f7-227bf61596cd0099%3AT%3D1652676587%3ART%3D1652676587%3AS%3DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1466241595&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=918&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531557%2C44761044%2C31067584%2C21065725&oid=2&pvsid=2971698416934096&pem=550&tmod=276848470&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.v5qe3w52d1t&fsb=1&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 074D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjEvd7NeBYtmpEvezx_AP88eW8AkAAAAAOAHgBAI&bg=!e3ileDzNAAZL3OSAa9w7ACkAdvg8Wh7WYHSmxM_arvI78CTvdWzyxMqExF-S3v453c_ewEqw3pMhLgIAAAKRUgAAAANoAQcKACRigINImsriRVX2ZlKVG5UNgN6P91d_JNN79gZTzfhsXtoo4biZAvmKNIogVlBnid2s_Nhe-WZkBQd__mUeLY09SkmPiZHM3phpChvazPlt0ZPfqufgjkovIC3cZyNZky5-w38alIVypXsAgTupD4YpJCQPZlVl7WE6ZZjk_rBJPsetRTu26ovsgAZ2A1qjjG9I1c7PbdHOjm0Gr29XFkZmGNMGaH9SrzYNFl1cXcieYVPlOhaOVaAyswSWV8aDYYfdOaumoxddNJK9qwZbpWniScNBkqGWpOxT7Mdd0JSdh50jojgcJUTO9pVraMIbEW19DJbiFX0aWVdF20IhpYq7_rL-xgnHf4z_hB1x-qE3zFdPhlYhYXcrNgCxTqCrIMtl0yygIAZHKfV-AL_Y6DZ1H32ujmchKgF6kcHuFHRkdTSx2ZLDOBOTMkjlhu76FQm4MM7MbO9K9A-IqKm2DwyoQ9l_oYYTyvokJ8SFBzN_85luvc4FCjTFJv-49DcLd-KBZQx3apqEeOhl_p9wKlHLQJXyxMtbq2_M1Fe7xPum4aJzt2yCSCgBHp6-TBr2HCWB2NTwM0g-R52hNJrpKFOnXfAV8iBfNXHM6K7hrp2AlDwpO-eevIEI7q3Q2mkUP9NVmD49y4-EAB68lt5R9ct5n5fhRiQ6x7VsErb0ft8loXu8sMiyowUZkd44Xq6BJjO_iGMU-hgzZN6dxZhmOaNrYkeSwL_hyhYTbTEVubkFUxgad-st18oRUl0noR2iiQGFEzzMHgTyvnwMc2JOHYxu5A6cRuekCn_oP_soynYavx2rNm_sJS2Nv8wldOiaKF7z4AS_OPkBxKCbzzGAGQ5hGV1Y0HZ-d2OLGtgaSBqLtccY5TEX5wWs-cbNnp6cxm_vzLigeInrHE7E9kFsOLs4wPSH9DyiLpTPj2YU3GVs5BHjXV-ADvTAwWdezJ7LUGGgkeiFq1TjXxamXGoXmWRCnExAK9B6VQ8UNSs4-se3OMf8OaTOqthEpZ_DJLTx3_ANK_3TwJY9pgm9kIiBUboSf58fZ-Rn9mvcxmpzsTvfUA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C118 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 16 May 2022 04:49:49 GMT
index.html
s0.2mdn.net/8299540/1646069414603/ Frame 9C41 		78 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/8299540/1646069414603/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bf44662cb0c4b1cf318ef2ab43c8c598de23ca4c18fc16c0f1d3a94e3d1869e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
19374
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 04:49:49 GMT
expires
Tue, 17 May 2022 04:49:49 GMT
last-modified
Mon, 28 Feb 2022 17:30:14 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C118 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv8ZyHMV6j7nNeLAkVbuckVRODkVp55mwxSbKJR_6uoG2HarXXsKeUR9GIoXYqgp4sc6vxcF0Rn7XKhDAqtV4J5lVFYDuyvjo9_zv7RJx7c7SNMI4iUnSp3P_iiypF2ckzRnWRR05201wnT4-bvUaQw&sig=Cg0ArKJSzG-BZ3xbhJjzEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=203&cbvp=1&cstd=202&cisv=r20220511.40292&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 May 2022 04:49:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/sadbundle/5825321732835115008/ Frame 9F06 		92 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=kJMv5TZXwj&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ddc95507676c16045fd509f101f5dfe5e57b1c28a5b55cebe9b857deb7f7d49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 04:49:50 GMT
expires
Tue, 16 May 2023 04:49:50 GMT
last-modified
Wed, 27 Apr 2022 09:23:48 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 6255 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvLSIRz7yUNqL_XOz7ZT7w0TvCsJCJAZEDBg3fTHdgTZCX3oUStNh8XIXT_fYoUmefvUm8214M27gcJCjf0S9pg5RtJxihJ4ETolVH6FHAqklxeJJcx8fH2JctO92bcmzfeih3a6dJcnZPnGimMoZbBtskTx5AOfZXRbfN9UCpRsMnwwXEybdWd0vXY2cqPiTb444mxEPBQhZHXDytw3P1KHYQlKEbsIay8xb2g0IkLo9lSPxbuEfo4dT9afG9LUIoQ2-cZaeawDcz6ZCzLk4GftaS_FeKJSIKY3rp26hlNkFEj-mUyxDwcL6HATKxye4Hneub5g99HHqOVPH8mLayJi7eKXlU1I-COd87kIIqq_5p47ppKUE2_rJoORtAexnGoyj4ZC1NSUyNC37LgkTgM2rpGZzHqDFgM_OKmkR4k4X8c0CObWoz7QpnZ-UOkxJV0wdGjFDNo9dxt93tCiGyMUJgTjJZsDil_tyxDo78E4noqnGcu5MQIVqEoAseuv94EI0RnPmDoNxH8p7otTkyA34B1VOkSywYXTMXQobwADqiCneBHwPgCxH7hqEtjOK88v4P3jjgRVHUH3zn-G7FaBITY27Xt__uRw-OeNV4YNayTIdwtXaNZkX1swduUs1GqMrjHZ1blalE0oq8SNhOr03zGnZR99taTz3xcNf11oHRZsCZ5nfYRQIT4dX06DrQnYo5_ea7Ij0OMSy19yHw_gS5NhsJz-SZx7HNEH-E5OMCbQlADRfkxevLbmEco2oXhc01y9zq3ff9EX_8Zj_Qs0x2MCastQlsubG3BPxMGc6BV2Z_slODsPUN8Ued5z3iuf8azS8vubYoRlkpLbJUqZ9J4heBP8MNyiFcbkkgFSBa4SPoZe_5d5oFisIyxCMlU6FqoyIz5-WEhDbuKDHcOgtdUZCHxZ_vfd6mzU7NxYj7jxE0M_J_kn56PxGpzNxmtRbBhPnwJil6kF6CBVLs5_8Y9mpd_wAwYLzJPa8_evXAD92XJb709K7poZNB4hP5_SEE0GyphFzctCgoNv3xw55uYTmtEygjmZ7tb7zAVjkWO0kujE3uEOrblghYl0U8Cb0IbJCuqw29oDFem75t84OgSyuB1x8fOoLqJthlcdGkXwOsvHCCy-8ogXIc9ZROoAZuUhTUNgtVmdQbK2cIlMyPUZq6QePfvYEtVYDym1pgZ_j_JXbWsbHutTt6&sai=AMfl-YSpU-rp21TWCk4JRDnXAU511XZaQmrXrazavL7zIIAqNC_7apJd48DRm4vmh_pzGPwHvMaaCnL4QP4JUaUXdKBXtUdrU3NwKWeQSm-P7fjOhFBg39iThxj88NOO0IDNwExrddJlWrCbun4JkNzFc18GHkejRA&sig=Cg0ArKJSzPWQzoFhOJcVEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=245&cbvp=1&cstd=239&cisv=r20220511.81089&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 16 May 2022 04:49:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
generate_204
tpc.googlesyndication.com/ Frame 07B8 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?MAuNHg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 5E34 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?_MyUHg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
um
u-ams02.e-planning.net/ Frame A4A8 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams02.e-planning.net/um?dc=3ab023ac29ea5990&fi=c34d5ca477eefed6&uid=2d06b99d11404135cc92d15e3736930a
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3Dc34d5ca477eefed6%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Mon, 16 May 2022 04:49:50 GMT
server
openresty
generate_204
tpc.googlesyndication.com/ Frame 5624 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?_BM99g
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 409D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
47377
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 15:40:13 GMT
expires
Mon, 15 May 2023 15:40:13 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6255 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=250&slotname=adpartner_zdorovia.com.ua_970x250_ruslan&adk=865826939&adf=4155820291&pi=t.ma~as.adpartner_zdorovia._&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676588592&bpp=13&bdt=219&idt=329&shv=r20220511&mjsv=m202205100101&ptt=5&saldr=sa&correlator=6069189452853&frm=8&ife=1&pv=2&ga_vid=1967338439.1652676589&ga_sid=1652676589&ga_hid=1940710560&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2416082253&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067545%2C31060048%2C31067419%2C31067526&oid=2&pvsid=2145194115485608&pem=84&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.zpnfrotd5ip&fsb=1&dtd=346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:40:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47377
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 May 2023 15:40:13 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 68A5 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 02:50:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7137
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 02:50:53 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame 68A5 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-iZr4QFfXLtLWtYhnd6WMk05aEXQSN8s8i53G9036oLaP2ZCDfpsTOWAeRn5AOCycd3GMzqqHnM0So-vCEqJ6OcYdOukn0I6-DdCVkiSQcrmMO6QqbaPAQAlf5TGM_-245Swx3dsJIIcSEpU2BbAgH7GfFA&dbm_d=AKAmf-AjkYYz6ERTOARHYIFKPEsdxosbrMB3eFjXd-c6it_oaRN6Wi5ThwOeFLRJ2Ogt-3974sjKpj_UcRXmk4fMj6cBXSl8AqNHH3CQhC8phYsPzRRcE6WCEO3laJeLVQ43Dg35Ji2fpPSmFBoi_7ZVtqv8F-oMZaClT8Dy-h5MsMfkPiVGjnNfVHmMWnBJ0r-3kxE6kSLpfCR1uXGD4PPs8p8RfzSg4DPm8BEXiWi1PQ9HAIuvNxDoH9w3bxMIsaApyRASR2L-zR_gLy5kcel9C-5iNtu1uUinTcezD-yqXycc249II5GHVM0MvXNpdJafdh9UOKu9ZFByxayQXqLseYLgm-oKv0OKbqoFJl8XnzwFwYJvAge55y0ZoTs1shgArrwEBWaaYGOilKV7e8t9jbqxu0CQ2ad_UKo1rhtLebpjWrycpI79Rk1paUt1aLbvPyDPRRK_o2VUPC2cA_gcU6Smt26KAQpI45Qtr-7lnRp4NIIQ_brNXBJ-FSfiK5bJzVF3KcPACffaMpJLEigIHR4ziWDxBQYF2E8Pxvs4UKSdWBFegKW-PUXm4YeDWujrp07DCaf9NSb73xC6RKHBZLlHDgQDlRctHtit6o5wW9BxJqF4dvmp406fLUtV7dmI-I1y2inAnptpPgh2FO1L032IJfByxQ07dF5EJ3ThfNVsaJcY7FsGjHeXKmlazSQi9EvK0CLz594b2RmPpqCYtZ0id_skizANfip-TDN66SgaOdfr989XWv4E4YtzEwf0MQ9OIQMr-FO6JPf2F7Nf2tqliuOMVYDSEbswPvweFSK_ITEYWf56ejJ5nox2Jd8vea90pJLDopeOEer2yt6HgeQ60Y80nLqm_p9HlIENQ7YgmYPVrb6pA2nN8L7aRNWK9HcXVWb2Zdd6lmQuumqe-t6_B2VpuUmlkuwnscr1iverUP3A1PTemzKNjSaezsLOLE3tom9E282zaTCNJRGBbz9qxNaNUMMgmISAtkFTC4NTiIu6YNedfPa74ISLmbGfe3zE3Ds9TbevSGqyvdhI9KnIV8hvrUs6NK7C8TV8mL_8ty0TZGQD-AzKmVkFN-Agxi3g7whhMIJf2TQG455qDmCUMWjRwquodgIcs_Pahm-sAps_bq7FW5YM8rV1KLeCMYP9PYTO4T1zOaBYjKrGPJZRe3Hj_lkpXUREn9J_rJ_EVUkaE6T5q_fOkcm5Y1w2EvhTscxoW7Knk1Zml85vQvtdxeORJD6brGpmWNlqJdB6mzcYdeDlNSArfatBGB8qm_z_lZdbn6j09y0Vt120IpT1hhUMmOKM1_f-ErNUy56eCxHdPq79w9wcPtCB-CwSnIFOSAUBrbypmGbeM9vpczg1OHWjxRZOTh5lzOSL3zdDAz1x6wch8qXfwU3UrRobqvNErImPYaYLb5itRFSZjxQ9tXULNurmwnfd22PIxQNMJrc6xI2OgxgmyUBgm5IROBHdcIR8Eyq6XhbqmKf3ZV6drRHWafBU-zuCYPfuD9KRUw2jKxijA8K1MlP6UsgWmKRrfd2CFV-5VTQH9TJxmCBoPsX1hWFBXFYnpXFLtG-xQPfSMKFw4aiyAJz2G5wAQD-n-bxpvrGHc88RpsO2dIMhoMZyWET3iMenOxECTzhOVoJhSD_YDGfwi5nD8CezqYqUZQ-lvqKPClUcoPR0NhRGvDJvqLd7aZmPOVa-kao2ojQeMIhUbKWC0O3kFJOEjTSqjaCb37CFiNITOL2pawFzI7-Cc5Tgk0p5Oijqn0fbuPA-o2B82qEMTITwxn1twqa3_FJxboYEgUyAQdohDULrBNmTbwdZBLl-zTTN7PzZHREaPgNmjQ1-SebKhHiaGY9iYZMRaLrOb7StKbYrT72vY6n-MQ1G8JyrN672K_eAxue2hMSGGaPxr6EDDuW_30Sdb-mMHKDaGw-P41Sg_9M9APetxFnHWxwJkAU-n8XKe_M8GVyO0yJFHvcuV0n6Yf46g9oinYcnqQz_VgkB4OPX3iWu5EaNSwb__2dCVWkNb8i76hpqLTvxg1S6lom461xTed9cS_HzV3E096btchEMag6dEkJTa82eS6SQ7nqN3gbMzv8LOiGaHyofFdiDLstDVPaw3u2fLPgtiNJWAs_fRqUrCzaPfiaBqd2TWOupe_NuRC7LBxeHwF2Sqndt2ec6cboz7k0UYTwgnOqgHjZbq5i4YQGiJiNuo7pfgmov_Ksu1W4hsZsMLL182--MYK5VEUcJot2YVpf8JhjwH76zhFdJs5fcKqZEufDvAbNLEtopuBUm-faS6V5e2zxp2o0BVM1TnPynSMIwERBZSPrQqdAER9JXSIbJKV0vFzr9ow1cbnOeATzJuZ4Zfvhd1a3DiSmd7gV1fdeRiwdpmiCSB18t36u_nXITdPVmSbiXVXB-HZ21xsh0Kv92mxUa23jA6TsQopzIiL1ki9tXWIyKpuRtAfHTe_4Dat9jVvUjNN3-7IowRlHjEOXFs9Kgc1pHVsYhecCIqY8rhhfjfio2V9VpFvuXZEIYTQ9eVE9Xq2xO-meaEmeUTtLq0ucqqxKDjvokhSMcNfy7UhUGRsxER_vt-kLfXnXbmX__GpMbgxgefy3pdr86H3sg8H4sKEmaGBjzhPqY04yfIhgYudidv1hAXvuqEovubja2AXoPuTW-jAY_069MElFtA5fhGy1NUd9PE4oLrAl4xhkm0js-kwVvyYXYH_GMDIySKM-zX01uOQ6NiXpm957owbIYhA5KuRU0dCjpBcnOuDaxDV-RoAbOrKEYnoISxp8XGAkxNSh2drnMUBYRoEp5DziqGF3LdGlsBzBrjAumn5ZsiQ3H6GZGhIClaixbSw7VSeRWoconBobL3o-utus5g5Ra1aI2-sMgswIMs3frwbJ9Ls7JLECuGbmPoN9vxwYBmVi370d2zDWjv2nnIMv9isxFMlN4_TNX59Xy3YBaYFM4a9xbrYjnnxZRvMM_HJjQYZ0UzcIbbjio5hUuFUgDT0oTQvtZLmChoKse3-9kEn-vxERqbL8iDEwfHLlL5ap0Lj3lN1ALewj35LCLIaxYZvYG5efErOd4ectQjNjuocPhfC_xCuen1zUIS6DWXL5g3jtMG40j_qJJBmdOHo0CWQi_GL5GZEmK_rbh152wVDc51d1uns4KGbQ8WGVyP_B1umOwJgo-KhUsVKvCNdAkQ0e1132IvU_l4HPFOdIo-WIxU2rcw9Ju3WIn0i-SWZkwJOO4JAa7mYyn5XTVluj_wssRvyBPVKzTC_oUC_Wh2x9b8Z3ZDXkgFmVHj6e9ETMNPtKFZtAEElkvLr7ENmTaOA5csaJIchyQgkUKpNZb-J2mImltpusThD7GbfQyaeVOqtBqiBZ_n0SKEfrVxgBvafJBieqYn6VWXbr49vPTZVEsMYNpDK3zBFWl2Mfk9iRQ-cbGvcD8j_Bn1bvGzURmh5HfbW-Q2MpG6FzcwL5DMUPevr6ijKIL1ulUgkP4rYdZ56yavwZ3QiP01g7YeSm5dNZLRGraNfibHxq40GhAr_8hlIIhTjprsmtBgDA4BjULEUx-9M5YU3T_Qo7J4k3jp2F8xjuMw1wQ&cid=CAASEuRoJxMSYEX9aYUAh7yY9n4Riw&rfl=3%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2C%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:45:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
234
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 04:45:56 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 68A5 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-iZr4QFfXLtLWtYhnd6WMk05aEXQSN8s8i53G9036oLaP2ZCDfpsTOWAeRn5AOCycd3GMzqqHnM0So-vCEqJ6OcYdOukn0I6-DdCVkiSQcrmMO6QqbaPAQAlf5TGM_-245Swx3dsJIIcSEpU2BbAgH7GfFA&dbm_d=AKAmf-AjkYYz6ERTOARHYIFKPEsdxosbrMB3eFjXd-c6it_oaRN6Wi5ThwOeFLRJ2Ogt-3974sjKpj_UcRXmk4fMj6cBXSl8AqNHH3CQhC8phYsPzRRcE6WCEO3laJeLVQ43Dg35Ji2fpPSmFBoi_7ZVtqv8F-oMZaClT8Dy-h5MsMfkPiVGjnNfVHmMWnBJ0r-3kxE6kSLpfCR1uXGD4PPs8p8RfzSg4DPm8BEXiWi1PQ9HAIuvNxDoH9w3bxMIsaApyRASR2L-zR_gLy5kcel9C-5iNtu1uUinTcezD-yqXycc249II5GHVM0MvXNpdJafdh9UOKu9ZFByxayQXqLseYLgm-oKv0OKbqoFJl8XnzwFwYJvAge55y0ZoTs1shgArrwEBWaaYGOilKV7e8t9jbqxu0CQ2ad_UKo1rhtLebpjWrycpI79Rk1paUt1aLbvPyDPRRK_o2VUPC2cA_gcU6Smt26KAQpI45Qtr-7lnRp4NIIQ_brNXBJ-FSfiK5bJzVF3KcPACffaMpJLEigIHR4ziWDxBQYF2E8Pxvs4UKSdWBFegKW-PUXm4YeDWujrp07DCaf9NSb73xC6RKHBZLlHDgQDlRctHtit6o5wW9BxJqF4dvmp406fLUtV7dmI-I1y2inAnptpPgh2FO1L032IJfByxQ07dF5EJ3ThfNVsaJcY7FsGjHeXKmlazSQi9EvK0CLz594b2RmPpqCYtZ0id_skizANfip-TDN66SgaOdfr989XWv4E4YtzEwf0MQ9OIQMr-FO6JPf2F7Nf2tqliuOMVYDSEbswPvweFSK_ITEYWf56ejJ5nox2Jd8vea90pJLDopeOEer2yt6HgeQ60Y80nLqm_p9HlIENQ7YgmYPVrb6pA2nN8L7aRNWK9HcXVWb2Zdd6lmQuumqe-t6_B2VpuUmlkuwnscr1iverUP3A1PTemzKNjSaezsLOLE3tom9E282zaTCNJRGBbz9qxNaNUMMgmISAtkFTC4NTiIu6YNedfPa74ISLmbGfe3zE3Ds9TbevSGqyvdhI9KnIV8hvrUs6NK7C8TV8mL_8ty0TZGQD-AzKmVkFN-Agxi3g7whhMIJf2TQG455qDmCUMWjRwquodgIcs_Pahm-sAps_bq7FW5YM8rV1KLeCMYP9PYTO4T1zOaBYjKrGPJZRe3Hj_lkpXUREn9J_rJ_EVUkaE6T5q_fOkcm5Y1w2EvhTscxoW7Knk1Zml85vQvtdxeORJD6brGpmWNlqJdB6mzcYdeDlNSArfatBGB8qm_z_lZdbn6j09y0Vt120IpT1hhUMmOKM1_f-ErNUy56eCxHdPq79w9wcPtCB-CwSnIFOSAUBrbypmGbeM9vpczg1OHWjxRZOTh5lzOSL3zdDAz1x6wch8qXfwU3UrRobqvNErImPYaYLb5itRFSZjxQ9tXULNurmwnfd22PIxQNMJrc6xI2OgxgmyUBgm5IROBHdcIR8Eyq6XhbqmKf3ZV6drRHWafBU-zuCYPfuD9KRUw2jKxijA8K1MlP6UsgWmKRrfd2CFV-5VTQH9TJxmCBoPsX1hWFBXFYnpXFLtG-xQPfSMKFw4aiyAJz2G5wAQD-n-bxpvrGHc88RpsO2dIMhoMZyWET3iMenOxECTzhOVoJhSD_YDGfwi5nD8CezqYqUZQ-lvqKPClUcoPR0NhRGvDJvqLd7aZmPOVa-kao2ojQeMIhUbKWC0O3kFJOEjTSqjaCb37CFiNITOL2pawFzI7-Cc5Tgk0p5Oijqn0fbuPA-o2B82qEMTITwxn1twqa3_FJxboYEgUyAQdohDULrBNmTbwdZBLl-zTTN7PzZHREaPgNmjQ1-SebKhHiaGY9iYZMRaLrOb7StKbYrT72vY6n-MQ1G8JyrN672K_eAxue2hMSGGaPxr6EDDuW_30Sdb-mMHKDaGw-P41Sg_9M9APetxFnHWxwJkAU-n8XKe_M8GVyO0yJFHvcuV0n6Yf46g9oinYcnqQz_VgkB4OPX3iWu5EaNSwb__2dCVWkNb8i76hpqLTvxg1S6lom461xTed9cS_HzV3E096btchEMag6dEkJTa82eS6SQ7nqN3gbMzv8LOiGaHyofFdiDLstDVPaw3u2fLPgtiNJWAs_fRqUrCzaPfiaBqd2TWOupe_NuRC7LBxeHwF2Sqndt2ec6cboz7k0UYTwgnOqgHjZbq5i4YQGiJiNuo7pfgmov_Ksu1W4hsZsMLL182--MYK5VEUcJot2YVpf8JhjwH76zhFdJs5fcKqZEufDvAbNLEtopuBUm-faS6V5e2zxp2o0BVM1TnPynSMIwERBZSPrQqdAER9JXSIbJKV0vFzr9ow1cbnOeATzJuZ4Zfvhd1a3DiSmd7gV1fdeRiwdpmiCSB18t36u_nXITdPVmSbiXVXB-HZ21xsh0Kv92mxUa23jA6TsQopzIiL1ki9tXWIyKpuRtAfHTe_4Dat9jVvUjNN3-7IowRlHjEOXFs9Kgc1pHVsYhecCIqY8rhhfjfio2V9VpFvuXZEIYTQ9eVE9Xq2xO-meaEmeUTtLq0ucqqxKDjvokhSMcNfy7UhUGRsxER_vt-kLfXnXbmX__GpMbgxgefy3pdr86H3sg8H4sKEmaGBjzhPqY04yfIhgYudidv1hAXvuqEovubja2AXoPuTW-jAY_069MElFtA5fhGy1NUd9PE4oLrAl4xhkm0js-kwVvyYXYH_GMDIySKM-zX01uOQ6NiXpm957owbIYhA5KuRU0dCjpBcnOuDaxDV-RoAbOrKEYnoISxp8XGAkxNSh2drnMUBYRoEp5DziqGF3LdGlsBzBrjAumn5ZsiQ3H6GZGhIClaixbSw7VSeRWoconBobL3o-utus5g5Ra1aI2-sMgswIMs3frwbJ9Ls7JLECuGbmPoN9vxwYBmVi370d2zDWjv2nnIMv9isxFMlN4_TNX59Xy3YBaYFM4a9xbrYjnnxZRvMM_HJjQYZ0UzcIbbjio5hUuFUgDT0oTQvtZLmChoKse3-9kEn-vxERqbL8iDEwfHLlL5ap0Lj3lN1ALewj35LCLIaxYZvYG5efErOd4ectQjNjuocPhfC_xCuen1zUIS6DWXL5g3jtMG40j_qJJBmdOHo0CWQi_GL5GZEmK_rbh152wVDc51d1uns4KGbQ8WGVyP_B1umOwJgo-KhUsVKvCNdAkQ0e1132IvU_l4HPFOdIo-WIxU2rcw9Ju3WIn0i-SWZkwJOO4JAa7mYyn5XTVluj_wssRvyBPVKzTC_oUC_Wh2x9b8Z3ZDXkgFmVHj6e9ETMNPtKFZtAEElkvLr7ENmTaOA5csaJIchyQgkUKpNZb-J2mImltpusThD7GbfQyaeVOqtBqiBZ_n0SKEfrVxgBvafJBieqYn6VWXbr49vPTZVEsMYNpDK3zBFWl2Mfk9iRQ-cbGvcD8j_Bn1bvGzURmh5HfbW-Q2MpG6FzcwL5DMUPevr6ijKIL1ulUgkP4rYdZ56yavwZ3QiP01g7YeSm5dNZLRGraNfibHxq40GhAr_8hlIIhTjprsmtBgDA4BjULEUx-9M5YU3T_Qo7J4k3jp2F8xjuMw1wQ&cid=CAASEuRoJxMSYEX9aYUAh7yY9n4Riw&rfl=3%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2C%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9773
x-xss-protection
0
server
cafe
etag
14407402762925951128
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 04:49:32 GMT
pixel
cm.g.doubleclick.net/ Frame 65F9
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENhZHFvJ5AwRjFL-74npNVw&google_cver=1&google_push=AYg5qPIK9VUnUEv7kudf0PqX3a1fm0ekSD5WJiYlHoE-aATKMkWEnvDVTa...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIK9VUnUEv7kudf0PqX3a1fm0ekSD5WJiYlHoE-aATKMkWEnvDVTa-iGZTVpPKtg-chOFv9SbCwDw5arXapYtGOStnepMY9&google_hm=YLErkZqdm2hE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIK9VUnUEv7kudf0PqX3a1fm0ekSD5WJiYlHoE-aATKMkWEnvDVTa-iGZTVpPKtg-chOFv9SbCwDw5arXapYtGOStnepMY9&google_hm=YLErkZqdm2hEB0cVdZBUag
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIK9VUnUEv7kudf0PqX3a1fm0ekSD5WJiYlHoE-aATKMkWEnvDVTa-iGZTVpPKtg-chOFv9SbCwDw5arXapYtGOStnepMY9&google_hm=YLErkZqdm2hEB0cVdZBUag
pragma
no-cache
date
Mon, 16 May 2022 04:49:50 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 65F9
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKPsj1C7Fh-uz6leAYzdmfU6JLz9xItofou0-sHTYj1Wfy4JxR8XfPU33sZOE34HArU_6GY8C1t2yfG-NrYatukaWcJwXd4mA&google_gid=CAESECMQHgTq-GqPpH0Quipar4k&g...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCO6vh5QGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BWWc1cVBLUHNqMUM3RmgtdXo2bGVBWXpkbWZVNkpMejl4SXRvZm91MC1zSFRZajFXZnk0SnhSOFhmUFUzM3NaT0UzNEhBclVfNkdZOEMxdDJ5ZkctTn...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdmpmbTU1cFRMN0Uwd2xRbDZid1hwLWRsU3hRajQ1MzZXS3NlSEk0dGxlcw==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdmpmbTU1cFRMN0Uwd2xRbDZid1hwLWRsU3hRajQ1MzZXS3NlSEk0dGxlcw==&google_push
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 16 May 2022 04:49:50 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdmpmbTU1cFRMN0Uwd2xRbDZid1hwLWRsU3hRajQ1MzZXS3NlSEk0dGxlcw==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dds
rtb.openx.net/sync/ Frame 65F9 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEHc14NYZ_ZDHtckqtoVHPRw&google_cver=1&google_push=AYg5qPKm7KYbQlbHM5ZaIBskVXYpaI9vm2kcGsuvZZm9vME50kKr7EedGHqzfhmcie0070r7q4XbHScUUTyFJY2f97CK9A4j1FY4pA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
mu7p7ri7m6n9pcpr5oup1svpt6ds9q8h
pixel
cm.g.doubleclick.net/ Frame 65F9
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qKtskJmaT-O37_u-q_Kq1w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qKtskJmaT-O37_u-q_Kq1w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIPBgSErCGxjV4LoJFqJbrdVe862OPiqfB6Jk6LdRCX1-e-FxwhLMra2l3idqZQOdqZhW5DA-tcHykfzwbUfdwO-wkCFpKvkg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qKtskJmaT-O37_u-q_Kq1w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIPBgSErCGxjV4LoJFqJbrdVe862OPiqfB6Jk6LdRCX1-e-FxwhLMra2l3idqZQOdqZhW5DA-tcHykfzwbUfdwO-wkCFpKvkg
date
Mon, 16 May 2022 04:49:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 65F9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBNcpCb-7WYvq3w24Zm6zzI&google_cver=1&google_push=AYg5qPIfJhp8WdBcIZfc7WNRatj5SEgKrwAzTNN2Cbz3rSOoi5MnVaMAgDUit-9-OI7UVg53GrH...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM4OFlZQVgtMjgtMkRJVQ==&google_push=AYg5qPIfJhp8WdBcIZfc7WNRatj5SEgKrwAzTNN2Cbz3rSOoi5MnVaMAgDUit-9-OI7UVg53GrHq41xt8qFl3zFg5gIuUuAFBWEKrw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM4OFlZQVgtMjgtMkRJVQ==&google_push=AYg5qPIfJhp8WdBcIZfc7WNRatj5SEgKrwAzTNN2Cbz3rSOoi5MnVaMAgDUit-9-OI7UVg53GrHq41xt8qFl3zFg5gIuUuAFBWEKrw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM4OFlZQVgtMjgtMkRJVQ==&google_push=AYg5qPIfJhp8WdBcIZfc7WNRatj5SEgKrwAzTNN2Cbz3rSOoi5MnVaMAgDUit-9-OI7UVg53GrHq41xt8qFl3zFg5gIuUuAFBWEKrw
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
pixel
cm.g.doubleclick.net/ Frame 65F9
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDPEQ6NPVGW4SsGRdLBBvzc&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoHX6pnKchycMLvXJupRmwAAAogAAAIB&google_gid=CAESEDPEQ6NPVGW4SsGRdLBBvzc&google_push=AYg5qPLPw3nSSrjPe_lA8uIn4EupV6zDIDULyfO7o1D9hhWC-lu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoHX6pnKchycMLvXJupRmwAAAogAAAIB&google_gid=CAESEDPEQ6NPVGW4SsGRdLBBvzc&google_push=AYg5qPLPw3nSSrjPe_lA8uIn4EupV6zDIDULyfO7o1D9hhWC-lun9088Hg1VQZGBbqdoIqfx9wkETlKGpH90yUst0_ITyicd1fvrFQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 16 May 2022 04:49:50 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoHX6pnKchycMLvXJupRmwAAAogAAAIB&google_gid=CAESEDPEQ6NPVGW4SsGRdLBBvzc&google_push=AYg5qPLPw3nSSrjPe_lA8uIn4EupV6zDIDULyfO7o1D9hhWC-lun9088Hg1VQZGBbqdoIqfx9wkETlKGpH90yUst0_ITyicd1fvrFQ&google_cver=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
462
Expires
Mon, 16 May 2022 04:49:50 GMT
googleredir
googlecm.hit.gemius.pl/ Frame 65F9 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 65F9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LG1ebcVQpomVdeup8PVUCbf1fiI9h88vqjGNu8tKIpYf1o9ZhCwuMgVKHMwD2kIbvWQ5mN_Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:50 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
css
fonts.googleapis.com/ Frame 9C41 		1 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Aleo:300,regular
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8299540/1646069414603/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e1bfd25d8af65af058c277e6232fab10c1568093283f40afc9ccfb2497a44ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:49:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 16 May 2022 04:49:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 May 2022 04:49:50 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 9C41 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8299540/1646069414603/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/8299540/1646069414603/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 12:53:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57397
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 16 May 2022 12:53:13 GMT
truncated
/ Frame 6255 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3860a12777669e7d743f9ad8e6eb4f02d0653c6168c9acb97bbb5dbc474cc749

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame 74D9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1002713&asId=49966df8-6f11-3c62-a522-8ba0e153234e&tv=%7Bc:cKxVcB,pingTime:-10,time:881,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000002002220000022220200000222200022020002022022022222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022202220020222202000220000222202222202222000002002002222222202220022202200022002220202202,asp:1652676590152%7C%7Cf7bdc64425b4465fd885a07450e6e9dd%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C2862af0dec002e63231b98c65b56a7b2%7C%7Cc6cb92e9e636d75d67dc9ced3483f5fe%7C%7C7dc727fd32c838b92045fb9784c0375d%7C%7Cfa265952095ad64d6cb7cde1a039f7cb%7C%7C3489e4e3e7ea03f142ba6b736fc668aa%7C%7C1629390669%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1652676588&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587900&bpp=4&bdt=577&idt=185&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&cookie=ID%3D476014c565d1e2f7-227bf61596cd0099%3AT%3D1652676587%3ART%3D1652676587%3AS%3DALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ&correlator=463723020067&frm=23&ife=5&pv=1&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1466241595&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=918&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531557%2C44761044%2C31067584%2C21065725&oid=2&pvsid=2971698416934096&pem=550&tmod=276848470&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.v5qe3w52d1t&fsb=1&dtd=199
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:50 GMT
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame E42C 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 02:32:42 GMT
content-encoding
gzip
age
3550629
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
CxZEduDn4v-fhdY3G7pUMUg4dGBEqbqRZKn8wwfSOK5uBJ829qvpJg==
mon
pixel.adsafeprotected.com/ Frame C118 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10933&advId=17841205&campId=16386003741&pubId=1&chanId=52321546355&placementId=410133277&dealId=549644393847897261&adsafe_par&impId=ABAjH0jEzmqLlgdAC8W71J0zCtzQ&bidurl=http://zdorovia.com.ua/&adsafe_url=http%3A%2F%2Fzdorovia.com.ua&adsafe_type=g&adsafe_url=http%3A%2F%2Fzdorovia.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4577254435597104%26output%3Dhtml%26h%3D90%26slotname%3D7553037928%26adk%3D3481491427%26adf%3D2751417938%26pi%3Dt.ma~as.7553037928%26w%3D728%26lmt%3D1652676587%26psa%3D0%26format%3D728x90%26url%3Dhttp%253A%252F%252Fzdorovia.com.ua%252F%26ea%3D0%26wgl%3D1%26dt%3D1652676587455%26bpp%3D3%26bdt%3D362%26idt%3D306%26shv%3Dr20220511%26mjsv%3Dm202205100101%26ptt%3D9%26saldr%3Daa%26correlator%3D463723020067%26frm%3D23%26ife%3D5%26pv%3D2%26ga_vid%3D295295263.1652676586%26ga_sid%3D1652676586%26ga_hid%3D1707449053%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D542%26ady%3D61%26biw%3D1600%26bih%3D1200%26isw%3D728%26ish%3D90%26ifk%3D3879291087%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44763505%252C44763827%26oid%3D2%26pvsid%3D2606551401218276%26pem%3D550%26tmod%3D1162872940%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D23%26ifi%3D1%26uci%3D1.fsvk4qls0hti%26fsb%3D1%26dtd%3D323&adsafe_type=d&adsafe_jsinfo=,id:175e5155-c1ab-3214-1e9d-ce1a3354ee8e,c:cKxVdj,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-58499bf7cc-lfk8n,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:370,fm:t5YaxSY+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c13%7C1c21%7C1c22%7C1c3%7C1c4%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2*.10933%7C1g21%7C1g22%7C1g23%7C1g24%7C1g25%7C1g26%7C1g31%7C1g4%7C1h11%7C1h12%7C1h131%7C1h14%7C1h2%7C1h3%7C1i1%7C1i2%7C1i311%7C1i312%7C1i4%7C1i5%7C1j11%7C1j12%7C1j13%7C1j14%7C1j15%7C1j21%7C1j3%7C1k%7C1l%7C1m1%7C1m2%7C1m311%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1g2*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:402,oid:9d4eae46-d4d3-11ec-b964-0a3c39831930,v:19.8.309,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.237.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-237-93.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:50 GMT
x-server-name
app02.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 892B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZ48G0ce2YGTdlAf6ykHbSkzLVkjB5tXMXdOqcZ2KtIGqgg3w0QsruarJKKvJjknUusSOznOO3WULW88BlAIMMfkU2Dd7DoN-9CXrDnxhvbthdTGBxajrwy7ty&sai=AMfl-YRRQ4r6sh4kNKSvSAD4RZkylpR5ERkg5ZBY-EH8tJbJh-3Wiin2tqyppBNwdVRfNbfdth6gKU_DX7ABSHWR3MaLOQLa3MVqyA0&sig=Cg0ArKJSzL0KlRYlL6-IEAE&cid=CAASEuRo_8L89W06ZIyE4IThcGIRiQ&id=lidar2&mcvt=1160&p=0,0,200,300&mtos=1160,1160,1160,1160,1160&tos=1160,0,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=132049923&rs=2&la=0&cr=0&vs=4&r=v&rst=1652676587833&rpt=1227&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
u-ams02.e-planning.net/ Frame BFBD 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams02.e-planning.net/um?dc=3ab023ac29ea5990&fi=c34d5ca477eefed6&uid=35729a05fbebab732090e971c6ffcae3
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3Dc34d5ca477eefed6%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Mon, 16 May 2022 04:49:50 GMT
server
openresty
css
fonts.googleapis.com/ Frame 9F06 		3 KB
700 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:regular
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=kJMv5TZXwj&t=1&renderingType=2&ev=01_247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
127971f0d7e0ac5bc266c81c7a858e1ecf84e318238f2d36d2aec12dc6b6d211
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 16 May 2022 02:51:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 16 May 2022 04:49:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 May 2022 04:49:50 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 9F06 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=kJMv5TZXwj&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=kJMv5TZXwj&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 10:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66798
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 16 May 2022 10:16:32 GMT
gsap_3.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 9F06 		54 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=kJMv5TZXwj&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8154aa9057e3367d9d3e4bb1f85db9645c01fc0690091aadc57dbae849ba3499
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=kJMv5TZXwj&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22005
x-xss-protection
0
last-modified
Mon, 11 Nov 2019 18:08:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 16 May 2022 04:49:50 GMT
dt
dt.adsafeprotected.com/ Frame C118 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=970282&asId=cf241038-dfaa-c8fb-fbbb-3077749aa256&tv=%7Bc:cKxVen,pingTime:-2.1,time:1643,type:a,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:34%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1643,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1637~0%5D,as:%5B1637~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:356,fm:t5YaxA0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c21%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2*.970282-61278885%7C1g21%7C1g22%7C1h11%7C1h12%7C1i1%7C1i2%7C1i3%7C1i4%7C1i5%7C1j1.1002713-62059190%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1g2.175e5155-c1ab-3214-1e9d-ce1a3354ee8e.76_10933%7C1g2*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,sinceFw:198,readyFired:false%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:50 GMT
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame C118 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=175e5155-c1ab-3214-1e9d-ce1a3354ee8e&tv=%7Bc:cKxVes,pingTime:-3,time:472,type:v,im:%7BpBlk:417%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:400%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:472,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:400,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B99~0%5D,as:%5B99~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:t5YaxSY+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c13%7C1c21%7C1c22%7C1c3%7C1c4%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2*.10933%7C1g21%7C1g22%7C1g23%7C1g24%7C1g25%7C1g26%7C1g31%7C1g4%7C1h11%7C1h12%7C1h131%7C1h14%7C1h2%7C1h3%7C1i1%7C1i2%7C1i311%7C1i312%7C1i4%7C1i5%7C1j11%7C1j12%7C1j13%7C1j14%7C1j15%7C1j21%7C1j3%7C1k%7C1l%7C1m1%7C1m2%7C1m311%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1g2*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:50 GMT
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame C118 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=175e5155-c1ab-3214-1e9d-ce1a3354ee8e&tv=%7Bc:cKxVet,pingTime:-6,time:473,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:474,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:400,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B101~0%5D,as:%5B101~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:t5YaxSY+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c13%7C1c21%7C1c22%7C1c3%7C1c4%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2*.10933%7C1g21%7C1g22%7C1g23%7C1g24%7C1g25%7C1g26%7C1g31%7C1g4%7C1h11%7C1h12%7C1h131%7C1h14%7C1h2%7C1h3%7C1i1%7C1i2%7C1i311%7C1i312%7C1i4%7C1i5%7C1j11%7C1j12%7C1j13%7C1j14%7C1j15%7C1j21%7C1j3%7C1k%7C1l%7C1m1%7C1m2%7C1m311%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1g2*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:zdorovia.com.ua%2Czdorovia.com.ua&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:50 GMT
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ Frame AD54 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220511&jk=2808109351545938&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame E547 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 12:29:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
58848
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 May 2023 12:29:02 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E1EE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwZgzV08YDPqLfkc-oCp9smkdBR5jiPmMvaX5y9nNNeb1D3xfxEeP56SZqKOQlOURn_TffeDPT6nJw2OvRWyfbaPPKqTZh5d1QxH49_bJCyEo&sai=AMfl-YTQ0X8f-oazlOQEtK3YmRCepsCxss6VMsW6SrDCWfamBYnPxlx1JnEAoHfDTsq7tH2Lb40EBSf8iuQux66FtWaMLGG4BtfLQjs&sig=Cg0ArKJSzKPhbm0BR8EZEAE&cid=CAASF-Ropjd4tbNqRZj0hGmPbzJGg_2uQDN1&id=lidar2&mcvt=1053&p=0,20,600,140&mtos=1053,1053,1053,1053,1053&tos=1053,0,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2150435033&rs=2&la=0&cr=0&vs=4&r=v&rst=1652676587808&rpt=947&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1A61 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv2oDm-ZrHFuJSlx-fhxG09vQofzxiPkHCf6gW_MukvYVmK21WRNRH6fvMiWBvXx63PvkaGHAtNBVGP0qVCWdT7tGMCZ1B2X6FkfwUKmaw0Gjo&sai=AMfl-YSeyct7to-SoUQgeLqQzz-iX3M-HhT7mj7O-CX149qs8vYQLFRyE9fDBlrA_nSIOAUBedWx2DYiSLXHp6zMDfJ-ErVRdVwpBbI&sig=Cg0ArKJSzO9foMSEGCd4EAE&cid=CAASF-RoUNXgdHv8AJyXkorFuI1msZfnBVlu&id=lidar2&mcvt=1056&p=0,20,600,140&mtos=1056,1056,1056,1056,1056&tos=1056,0,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=4043599776&rs=2&la=0&cr=0&vs=4&r=v&rst=1652676587882&rpt=927&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 74D9 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvNSCFnS_4d_D2UkIX0tbtnc8MM_8cybV04CVtoCLpmFck6T1rR-JU_-cMsNDEP4qgSRMduN-CjB69fZkQlzktrCEMW4VuKlN_UR7AIRpyz1wHf2BdbRfLxawqnWuWM7U47UW0AsvpSKqUN6mufK2AFkUm_SAQY6z1E-Ze9YQMGqDfZglyICV7A3XMr8sTuwd00KuAGKAo1fyepvy_pi6jc6Sgcx-Lpo6OlIZeaDKQqLQlxlrhBXt70oD60wD6VEXEM0Txb1fsKvq357Rn5LOyyGJ8_yPDotXFwVMh7mYMfkgERKVllq3McjQjufOKd3Yag8dXHhljTiitSEIFBbF_8ASDXpA4BqEpsJN60XhJuxPNK0xpkdi1fFlE6aBTFcU_R3ZoQ7xXMzrbUNaHJExcdIiCKBUg1izRT03zPje1D_1A6A6i5UawmBkd4rkFsuM0PEDl4Wz21wpXaPz9Gu1chEVrG1_SkZ0cvkIigoYr-lljnT6AN79mHThTAaMcbOX_ewCIPZOLriz92fyj8DY40x8lC1wCCmzSuEGwpaZRi47ek8zWl8xEhzZOihB6cICXWXdeKs3naDH49H1cFPc4QW_JYU5khvkc9o7LjCIKITsMZGt-CORi85tOBo3VFJ2-YnQx4jrY_aO6f3T4CLAMhvnS0REdd-ycTzQKAA-ZOicV9NJZU2fC2KEsfKe12RB2lXUQ4bpUtfutYwysLhfE-Y0a7Rv8vZsk5ed61cVCU93cE9DENRWfH56dujU7Gky79WwaM4GLrQYw8FhKNTane2b7_W1P2vvog7Sm8QWXQ2b2NxTOwLMFEGc15SgJyGCKW2xAAy0AHwsveHhjkC9XPOl7iU-_R2CXTqIPCsjrYDhkQEWnp6AYYR4f_xY4y2vHG7UuHd1q5GrQxJjehjY0n8lAZaV5otTiS3I-aNuIvBq_6uIUBLN2rxhF1Y81eWDLG7YDadsKRchQ48w015eHHHCZGx-E25BCY4av1ue7MR8H4b7vQ94TbZ63vdl6AEHvJPODkcnAKP-AwGj7s6QSL2ne0jDDW0m-enLSVM6yWcscKWKz0Zl2bLzMn74tbF-_YoFHFwxdEly_cWEe4xqL79RaQN-s9OmI9g4hEvekb3wwaw5tMAo_1KnTrrFAnP8EXtl6Z8j1HJfaW9Jlbt-AD1BJ7UoSbLVIhdJSigNqUH-jpVnzGPQhHHM-G2u3Z_diRF8BHQnthHsywkrHn6BbG4eWsuQAGokq1Q0ptGG6wSraa&sai=AMfl-YRrkvgjeu9HP0uimURf-MUyCif3g20pbLs6ZWaWguYpZzsE4YFEvoRTmEXiQZv_OfgkBI4O5Lvuhsu0EGUHMOihmz9SHIOQ623CuPweL2r6vES8wOpaupteAdrZEWpHzPB595q-e83MPPVgd_AuwCXcoPIHKlTlTqL0DooyiRiMc3zoSb0Wkfg9fmWsbne2ZGh9HOXUzzs7m-hqWfOxOV8t69hSZ5NvCQ3fg47e4XVFvQ&sig=Cg0ArKJSzFWpEPDhAvjvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1186&vt=11&dtpt=790&dett=3&cstd=394&cisv=r20220511.26636&vwbs=1&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 May 2022 04:49:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 23FE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=6c2f3c46125e595fd7c8a2f...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=a9356281-d7ec-4400-bbc8-84d07d67853e&gdpr=0&gdpr_consent=
49 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=a9356281-d7ec-4400-bbc8-84d07d67853e&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.192.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-192-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:50 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Mon, 16 May 2022 04:49:50 GMT
Server
MT3 4390 fb8620d master nrt-pixel-x17 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=a9356281-d7ec-4400-bbc8-84d07d67853e&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 16 May 2022 04:49:49 GMT
dt
dt.adsafeprotected.com/ Frame C118 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=175e5155-c1ab-3214-1e9d-ce1a3354ee8e&tv=%7Bc:cKxVfc,pingTime:-2,time:518,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:2017,beZ:2018,mfA:2387,cmA:2388,inA:2388,inZ:2392,prA:2392,prZ:2412,si:2418,poA:2419,bl:2433,poZ:2434,cmZ:2434,mfZ:2434,loA:2490,loZ:2493,ltA:2535,ltZ:2535,idA:2434,idZ:2483%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:400%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:518,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:400,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B145~0%5D,as:%5B145~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:t5YaxA0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c13%7C1c21%7C1c22%7C1c3%7C1c4%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2*.10933%7C1g21%7C1g22%7C1g23%7C1g24%7C1g25%7C1g26%7C1g31%7C1g4%7C1h11%7C1h12%7C1h131%7C1h14%7C1h2%7C1h3%7C1i1%7C1i2%7C1i311%7C1i312%7C1i4%7C1i5%7C1j11%7C1j12%7C1j13%7C1j14%7C1j15%7C1j21%7C1j3%7C1k%7C1l%7C1m1%7C1m2%7C1m311%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1g2.cf241038-dfaa-c8fb-fbbb-3077749aa256.49_970282-61278885%7C1g2*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,sinceFw:116,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:50 GMT
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
PugMaster
image6.pubmatic.com/AdServer/ Frame C5FA 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12273318&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:49 GMT
content-length
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 94F9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
47377
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 15:40:13 GMT
expires
Mon, 15 May 2023 15:40:13 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 318E 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvqlX7NeBYsn9EcOs9u8P9fqxgAcAAAAAOAHgBAI&bg=!2Nul25_NAAZL3OSAa9w7ACkAdvg8WqN5FrJkUjEMpeRJfzUQnmUvCme3r2VITG5xxv0sTR5IordOLQIAAAPTUgAAAAVoAQcKAG_5Vz8Jm-tbJzo2eux9nlR4iJcPAjHm2nbP6Qzlqjt_x1R2e1DZaLbzn3fXgU_RAoo7bd24EkTYiBBvzs25OK1QN1hxobLPz8mEkz3o4HYKBjkUW1hFkAOaWGM1iLJUG5bPsWq1FC4zxZg4nZiIsI-ZAu07trBGhO2-i5KpScAUp8Zb1Gq02OTtp5QjbsbmpRfz_G668ueAaxPyV8vSiM6Sq3YGCw4hY3CHwpYfubFISp_pCwSM1o_EaSYBxq95DkRgDddElX5-ukOHUoqkAVFhyeOIHspxUKa0-FaD37nYSU4g5k88O4gJ3us0DegxoJq2SSu92Qlbx87n-UAc7YjXYQCScb8IiSmRVRhgIGu7IJgNcmMR_XuBqhsXGkcmRNkyPTzg0Y_OLJY1dPwIxHnDUiU8hS4t912-phCIoUv0ScfS2AUzpaXD2c3XohFWy8Cs_RyvmDKlWuAgpCs___cPO8Awf9rD2w-Xosjc3v57tHu3OaxCHjWSmde3zFoDfEsgBfZqbz6T-1Cc20650R2M292-9adlDlehsZFUAZMSVEQZEeuquatUzVl9bWj80BOSvUC3uGfnhaX7y3SxUEst5Zd0mSKZPC9C1SqEciowtehwboPvZARezx92d0JkDCyNaYWoV_50umuKz3EqQ-1h1ZePVzC3xWJd07fpuZLPtUk-Z6Z5hRVr1vCg4u2sQIgxPcRgff2pWsKuuxP5Xf_B7prC44IWY1oh_SCGJgA1laFFmlfcRw6ERuo9ifrexiaSQV8bx0uEhPbhrZwU5RFbabkEg1j5jHR-vDtL2ZemKL58Arvweatp6J348v7Yb-Yx_6CKN9p-_LiMKg4AsKqolLExhzma28DtBDJOjUqATkawdN0Npid-JbdyqPFDsObGPtJNOikIWPfByj5vDzFNo4mAMEZwMNQr-9wH-V450l7HumNs2vsZpIO8EXwz-AyaXblXScvw16lS5benA2HszxYHnBPWW-9ixUQVapXJyu-kOyq2VmRwTGl5maEAQlnvbL5BXbdH2tI05Kl0KADVABQlsyCT7ZhQ2NXYcTwkBXHExcK4wmcV0TN8XNqgp1uQCe6dYq5eexcDUQx6Ms-Z7rWzBqx5SyQ4UnAvu14jdSw_Um0t6yp0amqwZosX9w
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/5825321732835115008/ Frame E757 		92 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=dBmcLVCp8x&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ddc95507676c16045fd509f101f5dfe5e57b1c28a5b55cebe9b857deb7f7d49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 04:49:50 GMT
expires
Tue, 16 May 2023 04:49:50 GMT
last-modified
Wed, 27 Apr 2022 09:23:48 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 68A5 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstep_4j1NMWM-7EfgKipYRwFrkYW9Zt1WwTqK5UrSjWc6PqIWFW4atpiaB7_p1OleqnRvpYSYHZYkrF12HQdLbpzCVmIUQPVKqxON2Dlybt8sHE7kFsy_03Bbo1kb4cL1AK1Pl3dp3RJQ8P7pCyY1aLZ1-RPv85eCVsnZKR5M5IS922nMMXG1HqwnQYOETV72zGhH0KNui2gbNoChpXCX0pepwKRKSrkyAtSdo_wT8bK0UPGR-4EQS16EyIYVWWrzlOO_MLeskawJehyXoIv8oYbWkzVcVds7s3lGPRsfuWp1dINU_ZzgxdIjwcn6zUWqGjByXBMbb7vO3XTS45V4jJFgf-T8rIf3BIXeuhysKz9U34S9DTWTa8fpEYxPOsfa8Odtv1loSNxL129dVvYAb2s7H4kUXFYqjZLn3jKUGue1SiZ2t89lp36wXr3dVSyq_MvrHc6lp1SAjI9jQiXfAshVjJ00Ai0gfsjgz-dF8LYw6PNWsoDtnvzWZj9PWkV7zvUHjlTPvUGwH1FQ6-XOIb78qsndW9-fQxboiot8FJgM-VDIxe_oGereqfvsJBtWX_hpRHF95_XJNmylNnwu6GBNezUAY-DE6AV-49hRbFZoDr-Naf4SPE1TapySEMIGy-Q7SqlUYRWEqz_MvNZnAsDdtvDyYH65TVS-Wc1U7XpFrWdokIS4ACxN58QBSpXfi8sR9xDdFyUAxLrn0z0IoKmmuLXPYyImp-E6gLA9YaaYknEvXYNqJI51QUl91t6cgCnQ4Z4TiClTDRf1Cv2flDP7kXuvfV5Ucgeu08H9pJWF1y3Y2cUT-7xgdVs-YX34OGWOA4v5wuSSNRE0IUSo6ijWZrpO677KJLYAnYVdh-jVmLue2HrTYrHj1A1B4RSiSdCCotR30ZzDIHF--bERXfAUiR18KyVGuScTbVYAUazNFv1jvirBL7LdMbk2M8pO9cMo3zcPjTPv6Lr9nJGEmIiheJPr2Kvwo4u3cwms8gfuWB1HjrsTU_Wm-dUC79nfiJXMY5M3Ncu6Ti8ATaj481l4EnVpfrUSdIT-ogfXB7zAHyX9Vk2colz57KUxGCJALrGziUNlGWZbNlYhGiJ_RvEPLY0DZwHk89YknVZnGSjBd0tuzcAAu-rRg3rfOW_ZwKUs6HpuZsoIFg1M9TKfOM1_K-tL1RFHwecs5BgbM8AUZMQ1g5PIwr9Nkx2mM&sai=AMfl-YSu9Aiyjj0xpZpcCZo20fR01OyUG_vghpGLCPaZVSAK_PB131z7prnSAsQjD2khzLhzk4CmmyD7Gqn8gYPklWGlMWakWMJB3-9wqsXLZDy3XGDWO0RGS-90JmmIjpJCvCGXSLlVP6KX5H0MW2_llNnDYHvTUg&sig=Cg0ArKJSzP0i4vvcHMngEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=279&cbvp=1&cstd=276&cisv=r20220511.36464&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 16 May 2022 04:49:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame F746 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 12:29:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
58848
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 May 2023 12:29:02 GMT
c4mg1nF8G8_syKbrxDJJnw.woff2
fonts.gstatic.com/s/aleo/v11/ Frame 9C41 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/aleo/v11/c4mg1nF8G8_syKbrxDJJnw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Aleo:300,regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2849dd43843f38fa3ca20d4dfb0d6818690ffaf797857f70d46bd0ff0de5d727
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 11 May 2022 09:02:33 GMT
x-content-type-options
nosniff
age
416837
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17980
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:50:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 May 2023 09:02:33 GMT
c4mv1nF8G8_swA3J0Q.woff2
fonts.gstatic.com/s/aleo/v11/ Frame 9C41 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/aleo/v11/c4mv1nF8G8_swA3J0Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Aleo:300,regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5bdd44d0692f267a0b26e5968e694bbd095511faacb598ce37957d57814490aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 11 May 2022 03:54:49 GMT
x-content-type-options
nosniff
age
435301
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28272
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:12:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 May 2023 03:54:49 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 68A5 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6357157020881797&output=html&h=250&slotname=adpartner_zdorovia.com.ua_970x250_ruslan&adk=865826939&adf=4155823868&pi=t.ma~as.adpartner_zdorovia._&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676588981&bpp=11&bdt=367&idt=214&shv=r20220511&mjsv=m202205100101&ptt=5&saldr=sa&correlator=1526208605054&frm=8&ife=1&pv=2&ga_vid=162590607.1652676589&ga_sid=1652676589&ga_hid=248752447&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=920401899&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=466452259210995&pem=84&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.h88f9thdmzw9&fsb=1&dtd=227
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:40:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47377
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 May 2023 15:40:13 GMT
NhRng2ZenZRcaPRuU0zAmqgyTOhBGXWeehn8uWk0bEI.js
pagead2.googlesyndication.com/bg/ Frame 409D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/NhRng2ZenZRcaPRuU0zAmqgyTOhBGXWeehn8uWk0bEI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36146783665e9d945c68f46e534cc09aa8324ce84119759e7a19fcb969346c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:38:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
61897
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13698
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 May 2023 11:38:13 GMT
rt=ifr
bcp.crwdcntrl.net/5/c=15238/rand=347365437/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20zdorovia.com.ua/ Frame 1509 		163 B
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/c=15238/rand=347365437/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20zdorovia.com.ua/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.131.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-131-63.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
163
content-type
text/html;charset=utf-8
date
Mon, 16 May 2022 04:49:50 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-consent
absent
x-server
10.45.15.102
PugMaster
image6.pubmatic.com/AdServer/ Frame 2867 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=63239574&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc34d5ca477eefed6%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e4a2771df2b950104733588afdd7be441b2285c6ee7638fd32087dfed085799e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1823
content-type
text/html; charset=UTF-8
truncated
/ Frame 68A5 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c92dd9af85b5d7ede49e7d6027c6c26a66063f92fad86e933c66aea85525d902

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 6255 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvLSIRz7yUNqL_XOz7ZT7w0TvCsJCJAZEDBg3fTHdgTZCX3oUStNh8XIXT_fYoUmefvUm8214M27gcJCjf0S9pg5RtJxihJ4ETolVH6FHAqklxeJJcx8fH2JctO92bcmzfeih3a6dJcnZPnGimMoZbBtskTx5AOfZXRbfN9UCpRsMnwwXEybdWd0vXY2cqPiTb444mxEPBQhZHXDytw3P1KHYQlKEbsIay8xb2g0IkLo9lSPxbuEfo4dT9afG9LUIoQ2-cZaeawDcz6ZCzLk4GftaS_FeKJSIKY3rp26hlNkFEj-mUyxDwcL6HATKxye4Hneub5g99HHqOVPH8mLayJi7eKXlU1I-COd87kIIqq_5p47ppKUE2_rJoORtAexnGoyj4ZC1NSUyNC37LgkTgM2rpGZzHqDFgM_OKmkR4k4X8c0CObWoz7QpnZ-UOkxJV0wdGjFDNo9dxt93tCiGyMUJgTjJZsDil_tyxDo78E4noqnGcu5MQIVqEoAseuv94EI0RnPmDoNxH8p7otTkyA34B1VOkSywYXTMXQobwADqiCneBHwPgCxH7hqEtjOK88v4P3jjgRVHUH3zn-G7FaBITY27Xt__uRw-OeNV4YNayTIdwtXaNZkX1swduUs1GqMrjHZ1blalE0oq8SNhOr03zGnZR99taTz3xcNf11oHRZsCZ5nfYRQIT4dX06DrQnYo5_ea7Ij0OMSy19yHw_gS5NhsJz-SZx7HNEH-E5OMCbQlADRfkxevLbmEco2oXhc01y9zq3ff9EX_8Zj_Qs0x2MCastQlsubG3BPxMGc6BV2Z_slODsPUN8Ued5z3iuf8azS8vubYoRlkpLbJUqZ9J4heBP8MNyiFcbkkgFSBa4SPoZe_5d5oFisIyxCMlU6FqoyIz5-WEhDbuKDHcOgtdUZCHxZ_vfd6mzU7NxYj7jxE0M_J_kn56PxGpzNxmtRbBhPnwJil6kF6CBVLs5_8Y9mpd_wAwYLzJPa8_evXAD92XJb709K7poZNB4hP5_SEE0GyphFzctCgoNv3xw55uYTmtEygjmZ7tb7zAVjkWO0kujE3uEOrblghYl0U8Cb0IbJCuqw29oDFem75t84OgSyuB1x8fOoLqJthlcdGkXwOsvHCCy-8ogXIc9ZROoAZuUhTUNgtVmdQbK2cIlMyPUZq6QePfvYEtVYDym1pgZ_j_JXbWsbHutTt6&sai=AMfl-YSpU-rp21TWCk4JRDnXAU511XZaQmrXrazavL7zIIAqNC_7apJd48DRm4vmh_pzGPwHvMaaCnL4QP4JUaUXdKBXtUdrU3NwKWeQSm-P7fjOhFBg39iThxj88NOO0IDNwExrddJlWrCbun4JkNzFc18GHkejRA&sig=Cg0ArKJSzPWQzoFhOJcVEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=701&vt=11&dtpt=456&dett=3&cstd=239&cisv=r20220511.81089&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 May 2022 04:49:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
css
fonts.googleapis.com/ Frame E757 		3 KB
627 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:regular
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=dBmcLVCp8x&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
127971f0d7e0ac5bc266c81c7a858e1ecf84e318238f2d36d2aec12dc6b6d211
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 16 May 2022 03:14:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 16 May 2022 04:49:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 May 2022 04:49:50 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame E757 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=dBmcLVCp8x&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=dBmcLVCp8x&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 10:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66798
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 16 May 2022 10:16:32 GMT
gsap_3.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame E757 		54 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=dBmcLVCp8x&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8154aa9057e3367d9d3e4bb1f85db9645c01fc0690091aadc57dbae849ba3499
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=dBmcLVCp8x&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22005
x-xss-protection
0
last-modified
Mon, 11 Nov 2019 18:08:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 16 May 2022 04:49:50 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 0C06 		289 B
576 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=84431464&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b436e01745b37e08917465602243858f27f0043ca593413a65641237242a9a31

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
289
content-type
text/html; charset=UTF-8
lb-new-full-logo.png
s0.2mdn.net/8299540/1646069414603/ Frame 9C41 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8299540/1646069414603/lb-new-full-logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8299540/1646069414603/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e85a47c1cca62f5e43ca3bba6afa8b36710e13f23f0f329cc8c5fc8e825d1ca5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/8299540/1646069414603/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:50 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6034
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 17:30:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 04:49:50 GMT
lb-728x90-bg-1_1.jpg
s0.2mdn.net/8299540/1646069414603/ Frame 9C41 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8299540/1646069414603/lb-728x90-bg-1_1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8299540/1646069414603/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3954618eaf3c50eca983f021cf9069ab004e312c1f530b184d69ce6a5fc82e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/8299540/1646069414603/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:50 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110160
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 17:30:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 04:49:50 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 49E2 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
47377
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 15:40:13 GMT
expires
Mon, 15 May 2023 15:40:13 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2CD0 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220511&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6357157020881797&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a83467c416681c2c757a9bb57df244629dbd95497a4f24ec3f713ba389cb616
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 May 2022 04:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10563
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9F06 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b814ad3a98c733d0de0bbc33afe08d7127ebfd786aab163ca7cbe3a2af8877cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 May 2022 04:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5499
x-xss-protection
0
prod_studio_01_247_configurablemodule.js
s0.2mdn.net/879366/ Frame 9F06 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/prod_studio_01_247_configurablemodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8460aaf36b73e229c6b0fcaf7bac791e23c3145e87de6a04d0d91541e39289b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=kJMv5TZXwj&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 09:34:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69320
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10616
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 16 May 2022 09:34:30 GMT
141
match.deepintent.com/usersync/ Frame 9679 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc34d5ca477eefed6%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
0
date
Mon, 16 May 2022 04:49:50 GMT
server
b
usersync
match.bnmla.com/ Frame F42C 		0
114 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc34d5ca477eefed6%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.158 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Date
Mon, 16 May 2022 04:49:50 GMT
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 0F03
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:32C6ECA5D3B440279FE124B47F93ECDB
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:32C6ECA5D3B440279FE124B47F93ECDB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc34d5ca477eefed6%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 16 May 2022 04:49:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
138
content-type
text/html
date
Mon, 16 May 2022 04:49:50 GMT
expires
Sun, 15 May 2022 04:49:50 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:32C6ECA5D3B440279FE124B47F93ECDB
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame B59B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:wOorq53C1NQsG25&gdpr=0&gdpr_consent=
42 B
275 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:wOorq53C1NQsG25&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc34d5ca477eefed6%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 16 May 2022 04:49:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 16 May 2022 04:49:49 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:wOorq53C1NQsG25&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/68b9f5e#68b9f5e54dfc641b3d4f527e43216a87a5c6cf08 i-030b4f650890e7587@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
um
u-ams02.e-planning.net/ Frame 2AFA 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=c34d5ca477eefed6&uid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc34d5ca477eefed6%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Mon, 16 May 2022 04:49:50 GMT
server
openresty
Artemis
aud.pubmatic.com/AdServer/ Frame 2867
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7&addseg=11,34,40
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7&addseg=11,34,40
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
103.231.98.208 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date
Mon, 16 May 2022 04:49:50 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7&addseg=11,34,40
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 2867
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:47 GMT
frontend-id
15
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:46 GMT
frontend-id
3
location
/pubmatic/1/info2?sType=sync&sExtCookieId=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 2867 		95 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
70c17d3349910211-ZRH
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 2867
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
52.71.149.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-149-243.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 16 May 2022 04:49:50 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 16 May 2022 04:49:50 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
d1ba4609
rtb.gumgum.com/getuid/ Frame 2867 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.230.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-230-177.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:50 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2867
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9eda09f3-d4d3-11ec-8d6c-0bf2ab20b56d&gdpr=0&gdpr_consent=
1 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9eda09f3-d4d3-11ec-8d6c-0bf2ab20b56d&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:51 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9eda09f3-d4d3-11ec-8d6c-0bf2ab20b56d&gdpr=0&gdpr_consent=
Date
Mon, 16 May 2022 04:49:50 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
9eda09f4-d4d3-11ec-8d6c-0bf2ab20b56d
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame 94F9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 12:29:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
58848
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 May 2023 12:29:02 GMT
um
u-ams02.e-planning.net/ Frame A0C3 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams02.e-planning.net/um?dc=3ab023ac29ea5990&fi=269f09d876621f44&uid=35729a05fbebab732090e971c6ffcae3
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D269f09d876621f44%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Mon, 16 May 2022 04:49:50 GMT
server
openresty
rt=ifr
bcp.crwdcntrl.net/5/c=15238/rand=393879950/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.adtelligent.com/ Frame A019 		163 B
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/c=15238/rand=393879950/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.adtelligent.com/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.131.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-131-63.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
163
content-type
text/html;charset=utf-8
date
Mon, 16 May 2022 04:49:50 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-consent
absent
x-server
10.45.24.244
csync
sync.adtelligent.com/ Frame 408C 		0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Mon, 16 May 2022 04:49:50 GMT
Etag
1d5ae89843810fa6
Server
VertaMedia 1.0
ids
idsync.frontend.weborama.fr/ Frame 0C06
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H3
Server
34.111.131.239 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:49 GMT
via
1.1 google
last-modified
Mon, 16 May 2022 04:49:50 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7
date
Mon, 16 May 2022 04:49:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
qmap
sync.crwdcntrl.net/ Frame 0C06 		49 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.127.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:50 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
expires
0
cache-control
no-cache
x-server
10.45.16.177
content-type
image/gif
content-length
49
x-consent
absent
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2CD0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6357157020881797&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 16 May 2022 04:49:50 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9F06 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 16 May 2022 04:49:50 GMT
dt
dt.adsafeprotected.com/ Frame C118 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=175e5155-c1ab-3214-1e9d-ce1a3354ee8e&tv=%7Bc:cKxVkR,pingTime:-10,time:869,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000002002220000022220200000222200022020002022022022222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022202220020222202000220000222202222202222000002002002222222202220022202200022002220202202,asp:1652676590664%7C%7Cfc9fa3a682535efe5239311f02c94df5%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C2ba06f0ae4567e245cf4097951356f58%7C%7C9a18d06655d685ac9dc0380b2537a83e%7C%7Cf3b052453999c7bf02e681692eab37ea%7C%7C5d379f1ca05605277cafba2ddb6452f8%7C%7C7d2aec8a2d3aaa42cb15103fa4116eec%7C%7C1629390669,im:%7BpWait:55%7D%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417938&pi=t.ma~as.7553037928&w=728&lmt=1652676587&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1652676587455&bpp=3&bdt=362&idt=306&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&correlator=463723020067&frm=23&ife=5&pv=2&ga_vid=295295263.1652676586&ga_sid=1652676586&ga_hid=1707449053&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C44763827&oid=2&pvsid=2606551401218276&pem=550&tmod=1162872940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.fsvk4qls0hti&fsb=1&dtd=323
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:50 GMT
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
view
googleads4.g.doubleclick.net/pcs/ Frame C118 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv8ZyHMV6j7nNeLAkVbuckVRODkVp55mwxSbKJR_6uoG2HarXXsKeUR9GIoXYqgp4sc6vxcF0Rn7XKhDAqtV4J5lVFYDuyvjo9_zv7RJx7c7SNMI4iUnSp3P_iiypF2ckzRnWRR05201wnT4-bvUaQw&sig=Cg0ArKJSzG-BZ3xbhJjzEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1006&vt=11&dtpt=803&dett=3&cstd=202&cisv=r20220511.40292&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 May 2022 04:49:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dt
dt.adsafeprotected.com/ Frame 74D9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1002713&asId=49966df8-6f11-3c62-a522-8ba0e153234e&tv=%7Bc:cKxVmy,time:1498,type:e,im:%7Bpci:%7Btdr:1009%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1498,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1493~0%5D,as:%5B240~300.0,1253~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:265,fm:t5YaxA0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c13%7C1c21%7C1c22%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2.970282-61278885%7C1g21%7C1g221%7C1g23%7C1g3%7C1g4%7C1h11%7C1h12%7C1h131%7C1h14%7C1h2%7C1h3%7C1i1%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1*.1002713-62059190%7C1j11%7C1j2%7C1j3%7C1k%7C1l%7C1m1%7C1m2%7C1m31%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1j1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:50 GMT
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
img
ih.adscale.de/sium/4080401b05044679bd7712338bc313b8/1652676588582/0/ Frame 23FE
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=4adedacbfe197eb582995ce357ca9aeb676bb9b7d674ac33df917349fbf92570&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4080401b05044679bd7712...
  • https://ih.adscale.de/sium/4080401b05044679bd7712338bc313b8/1652676588582/0/img?tpid=42&gdpr=0&tpuid=8624539296363438648
49 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/4080401b05044679bd7712338bc313b8/1652676588582/0/img?tpid=42&gdpr=0&tpuid=8624539296363438648
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.192.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-192-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:50 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:50 GMT
server
nginx
location
https://ih.adscale.de/sium/4080401b05044679bd7712338bc313b8/1652676588582/0/img?tpid=42&gdpr=0&tpuid=8624539296363438648
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
view
googleads4.g.doubleclick.net/pcs/ Frame 68A5 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstep_4j1NMWM-7EfgKipYRwFrkYW9Zt1WwTqK5UrSjWc6PqIWFW4atpiaB7_p1OleqnRvpYSYHZYkrF12HQdLbpzCVmIUQPVKqxON2Dlybt8sHE7kFsy_03Bbo1kb4cL1AK1Pl3dp3RJQ8P7pCyY1aLZ1-RPv85eCVsnZKR5M5IS922nMMXG1HqwnQYOETV72zGhH0KNui2gbNoChpXCX0pepwKRKSrkyAtSdo_wT8bK0UPGR-4EQS16EyIYVWWrzlOO_MLeskawJehyXoIv8oYbWkzVcVds7s3lGPRsfuWp1dINU_ZzgxdIjwcn6zUWqGjByXBMbb7vO3XTS45V4jJFgf-T8rIf3BIXeuhysKz9U34S9DTWTa8fpEYxPOsfa8Odtv1loSNxL129dVvYAb2s7H4kUXFYqjZLn3jKUGue1SiZ2t89lp36wXr3dVSyq_MvrHc6lp1SAjI9jQiXfAshVjJ00Ai0gfsjgz-dF8LYw6PNWsoDtnvzWZj9PWkV7zvUHjlTPvUGwH1FQ6-XOIb78qsndW9-fQxboiot8FJgM-VDIxe_oGereqfvsJBtWX_hpRHF95_XJNmylNnwu6GBNezUAY-DE6AV-49hRbFZoDr-Naf4SPE1TapySEMIGy-Q7SqlUYRWEqz_MvNZnAsDdtvDyYH65TVS-Wc1U7XpFrWdokIS4ACxN58QBSpXfi8sR9xDdFyUAxLrn0z0IoKmmuLXPYyImp-E6gLA9YaaYknEvXYNqJI51QUl91t6cgCnQ4Z4TiClTDRf1Cv2flDP7kXuvfV5Ucgeu08H9pJWF1y3Y2cUT-7xgdVs-YX34OGWOA4v5wuSSNRE0IUSo6ijWZrpO677KJLYAnYVdh-jVmLue2HrTYrHj1A1B4RSiSdCCotR30ZzDIHF--bERXfAUiR18KyVGuScTbVYAUazNFv1jvirBL7LdMbk2M8pO9cMo3zcPjTPv6Lr9nJGEmIiheJPr2Kvwo4u3cwms8gfuWB1HjrsTU_Wm-dUC79nfiJXMY5M3Ncu6Ti8ATaj481l4EnVpfrUSdIT-ogfXB7zAHyX9Vk2colz57KUxGCJALrGziUNlGWZbNlYhGiJ_RvEPLY0DZwHk89YknVZnGSjBd0tuzcAAu-rRg3rfOW_ZwKUs6HpuZsoIFg1M9TKfOM1_K-tL1RFHwecs5BgbM8AUZMQ1g5PIwr9Nkx2mM&sai=AMfl-YSu9Aiyjj0xpZpcCZo20fR01OyUG_vghpGLCPaZVSAK_PB131z7prnSAsQjD2khzLhzk4CmmyD7Gqn8gYPklWGlMWakWMJB3-9wqsXLZDy3XGDWO0RGS-90JmmIjpJCvCGXSLlVP6KX5H0MW2_llNnDYHvTUg&sig=Cg0ArKJSzP0i4vvcHMngEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=750&vt=11&dtpt=471&dett=3&cstd=276&cisv=r20220511.36464&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 May 2022 04:49:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame B421 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220511&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6357157020881797&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bbeffc2e9a2ff97b0eea3da7f6448661de8a30326d8c6f24263e2efbf5126913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 May 2022 04:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10587
x-xss-protection
0
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame 49E2 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 12:29:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
58848
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 May 2023 12:29:02 GMT
logo.svg
s0.2mdn.net/sadbundle/5825321732835115008/ Frame 9F06 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5825321732835115008/logo.svg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0fe0dabaf5e69e88b98234e97cdd6b5dd26560b787c051167a3e9eddfbc284c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=kJMv5TZXwj&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 12 May 2022 22:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
283751
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1030
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 09:23:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 22:00:39 GMT
7062488226882609744
s0.2mdn.net/simgad/ Frame 9F06 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7062488226882609744
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b56c21f94c846431e5d7471a8be28840608cfdb35658a50e292fb8a685e6dbcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=kJMv5TZXwj&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 12 May 2022 22:08:09 GMT
x-content-type-options
nosniff
age
283301
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143004
x-xss-protection
0
last-modified
Thu, 28 Apr 2022 11:21:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 22:08:09 GMT
truncated
/ Frame 9F06 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EEE7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
34275
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 19:18:35 GMT
expires
Mon, 15 May 2023 19:18:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6EFD 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
09aa42bd0f212d3a520bde4ea0eda9d79769a183ef49c3cb7fea79cff4a590fc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-geQp0uKdXs1hAAYGRef9-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-geQp0uKdXs1hAAYGRef9-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 04:49:50 GMT
expires
Mon, 16 May 2022 04:49:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame F746 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?2Opwrg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame C118 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsud9ST6o-CH6uCKL01WAsSVBNTLDhxSivqc8yB5QRxSMEE8rIV106AFNUtURtKzoZtUPEnqvmnL1Z3mH_MOkNvpJwQlGhWidekQGWWMJKLCbdfmUht5yE5Vb_JO&sai=AMfl-YSt9P8sxocttAHQ15XQGlLPdqZxG2yUmlCPBu1_EOSMJ353ARSUlJrLgDf-K8H3SBbVUHSCfxcBl8FMbOQSReMJ87vIxeYj8FM&sig=Cg0ArKJSzMwPlr8kVzGhEAE&cid=CAASEuRop17jxul3w6_7yIPjq8WlpQ&id=lidar2&mcvt=1059&p=0,0,90,728&mtos=883,1059,1059,1059,1059&tos=883,176,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3481491427&rs=2&la=0&cr=0&vs=4&r=v&rst=1652676587779&rpt=2029&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame 55AB 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 12:29:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
58848
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 May 2023 12:29:02 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B421 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6357157020881797&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 16 May 2022 04:49:50 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5E07 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220511&jk=904108839873201&bg=!ycqlyo7NAAZL3OSAa9w7ACkAdvg8Wm75lj_B6ulbfjwsQ2Ou5laOJ-BH_DHBFH2IrxIKwh2XzI9yUgIAAAKpUgAAAAJoAQcKAGZ0b0UpOvDjnRyf4b--5k3kNXH3u_H3Z_hIYjElc68i8myiVcwcWTpdQkRDrk980gOs7-QcDcIn60CFKKa_ELDBgnzs6Rbh-a38453mGP6dzf2CwA1BJyxHaqGaWlbCkrdUM1zmkaWZAq0vYH1MLmTYgzbTk3G_F1rqeSLJw3_gcNOVTk300t6-tiQ_oX5ImPmjeukXAGs3AM3PFNLd75g9zYlSJmyhrgA-O9jIOhl2Fmj0nxrLR_BHFeZK4PlqKEdJWZNojBGkkww3PHlgcseKfx62fFU6T6JCZwISUKjnjGXYXgRRaXAS2dOdo4zpIIgwOUZwHRkk6k3ZRmqq97K7OlmVLJQF1gy2imMhWyzJcE3Pn2SXzsu-ZVkTk8VVT7RstEtf0_UcSalLSIKPSnKdmPBgX6KS6KZ6hZSV1vO_k2PZHiAtGcHNQaZVe8OhXgSKkNDSWwqrcgvQ995s0T0PLiSRI9ADrPxvSizBImEfEmHDH8GgSwxzI2wjLq5AHrZvj4lDJuuvUWKRUR9jGTklK6WFDj4WzUNK-oD8Wbp9drklNxu37QeTnTImaD6oAHhBVCc4TVIkyRDqGnsGZwopLx89HtYYDxII5bunZidsIYR0ZoVfU1g8DnTlMHGtrJBhdiMpgucABX30chrzF7x8vsgp0FCzreTYIUh7rbR7JGMo7izmV_I0Hp8ijBYgnHbPxAkOGAXvuulKSKiEf_601LdNNgBTRLNJYp8ukOE-2_I4wMvN3cDttYLtGz_h1ivT22GuZRZqeFzwkIpdgEVDX5CcG6xKT8nJUjznccuCjt-dVPf46eDSQNCnrN9A0Aa96-EuHsGB7Jh6wOunMhkfthCRJZtMFS8B08bS825SYs9EsJ3_3NusoUee7Qw2XdsCckPkRcsKDxvNrQLGhwConHWbzJ4SeVpZZmpJzA8Linx7lqm4rSZGhhPWyoMBMVWNmaIwfOKpf2FIy3VhnBVjkpjyDgh47v-DCUN2puDC72PAmUTchYKaxXO82F8hatMPJSBrHao2uWeeEoWbho1tzxGuTn_K
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 74D9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQu-5oZzEZXmgm289tiOXLFTW9LSy8VkCy-z0_NjOyKDHC3NG2AbxVXkA2rikZ6ZOizbgP7-X_F4TCWrwAqx8Vbqb7H5oC3p6dTd1ujYj4i3c&sai=AMfl-YTCnfEcuACJn-X0D6cy3M2mxGaIXTaYEiBV9HQS7Cw1EgynhwVl72gNGpI7-rmr7jWfyH3EfRM8wLOFVbZ6LlMEYZ8h0iy9-Q2sDaai8SYxCa_-ewnXfKkRwH8&sig=Cg0ArKJSzDBpRs1rBVftEAE&cid=CAASJORoXoS9DATtc7A21y_cxUZOsVYgoojjUmXo2xDyWPR5zfEYtQ&id=lidar2&mcvt=1053&p=0,0,250,300&mtos=1053,1053,1053,1053,1053&tos=1053,0,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2159672584&rs=2&la=0&cr=0&vs=4&r=v&rst=1652676588101&rpt=1806&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E757 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2eaa8ce05bc7278cd36584a51a6272b73c646fff1988d7bf683596be1f0c3069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 May 2022 04:49:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5676
x-xss-protection
0
prod_studio_01_247_configurablemodule.js
s0.2mdn.net/879366/ Frame E757 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/prod_studio_01_247_configurablemodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8460aaf36b73e229c6b0fcaf7bac791e23c3145e87de6a04d0d91541e39289b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=dBmcLVCp8x&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 09:34:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69321
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10616
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 16 May 2022 09:34:30 GMT
7062488226882609744
s0.2mdn.net/simgad/ Frame 9F06 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7062488226882609744
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b56c21f94c846431e5d7471a8be28840608cfdb35658a50e292fb8a685e6dbcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=kJMv5TZXwj&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 12 May 2022 22:08:09 GMT
x-content-type-options
nosniff
age
283302
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143004
x-xss-protection
0
last-modified
Thu, 28 Apr 2022 11:21:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 22:08:09 GMT
logo.svg
s0.2mdn.net/sadbundle/5825321732835115008/ Frame 9F06 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5825321732835115008/logo.svg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0fe0dabaf5e69e88b98234e97cdd6b5dd26560b787c051167a3e9eddfbc284c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=kJMv5TZXwj&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 12 May 2022 22:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
283752
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1030
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 09:23:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 22:00:39 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4217 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220511&jk=2606551401218276&bg=!lZalltLNAAZL3OSAa9w7ACkAdvg8Wix0tfkAF6HbUQBT2QqxF04N3VAIU11FdKOzIsgt59nytv82ZwIAAAM6UgAAAANoAQcKAFg7lfT5M6B4tEHRwiy-Hj_dIsmvXVEKFjpKsKooWEiKYN3qQcDHqVDsQZIMTWDfm87teScIDKSnFbz7XKsD9EoPORL2MlXeMxG2D5HtFSs92uKtyaEo-58emQKvzdsfozu51AamC0TmD3_RIJvfUa4UQs0RQCZ7Lz7XTk2QLFUOy8477z_k-Dhunr_xFuRRRnP7yLkP96af_iB3X-aMgfRHGiDPi5Ag2rsW5uoZrHD29ZzhRqNDJmEwTPgR1OGp8n6LvkFTLfPdwAvKHR7RRgOzDowyj08-PfYhM3Z1asVn5G_DSb4L2BuH_kGKeEAlqm1GQx46SQiFT6rkInPTKr1WYcRenPPwhAGZp7KT-PiecHgOF0Z3EP7UzWe5Z-LFdQRRrNyYo5LOHhKAhwkwrLt9tOHlN2BidBx0Th79Mx-r3AEJv7aOta50JhCRn08v8qTMYFQ3PqNTFrJwSfF2_qP-PRbpZoJUNf0Gse-AVpkYJSX2QV24xEL0dpwDXbbqN-845aygIp4Ke3q9VcR-FNjgj6ebOX-Ve5QxnGBpn7x4OAf8DKWQHrOZKqTo5SnWyYioIlCa49zqQl7oQaT4NrxWujhT4soIT73lODNpJDLMKnRLeMFBBPrRaITpw9sDmOR2d8hEtiAQKeD3kn1MYTjoRJp6QmFxJFvXdYrkvtpMDl4bmKUDvvzj4N3qw9qkGJkxmt1EwRoebKPiOOQCSBpMzSp3qgJYuT0v9HI7tJRvrc1LQKek_Hp2o8rjryMU62akn96E8l0ETKxVx3-21PzZVM2fZbcq9zAFyG94n3_tUE6GGcJfisWEY5wyUZ6LluOob7VCCMw0meV2g_u1UUd4lUhFBvQrydBPdVuSZUHBykvZHmp8obXxbwRhMHpC9sHM3ct8j3Y_Yuu4-luOqf01w1CxyOx136lddgXiqLpbKzpWRWifTMT4PEcVEvc4FLemWtJ5BplAJHgAtxwNrn7CezcyVnntBx08pPhNW2vtNMP0EpY1Kp4yTKC_-VXcYEcDZ4C7qz-1uYQm
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame C5B7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220511&jk=2971698416934096&bg=!MTKlMnbNAAZL3OSAa9w7ACkAdvg8WvoUc62UDpF62xR_WbHjOtWlwVeb2x5HwnKC1UyTP2E0vplvxgIAAAM1UgAAAANoAQcKAI-JyOEIt8TUkOc2AE4muKqRXUcZHspGQ00FTpuPeWK9kcpinLxZPF8Yk7qRCPqeumsyR4yJOdW7QI4cDYwSIvkUDaXeA0NKORHpYHZDReSHfjf0VWWImKEq2hNUZ3h_gufFf0AWsDR5-cZiLE256JzfwLtIkJbvfdU0EuVVWzUeiaF_8LR6IosRV7wFDbRQIpkCvHt7edkgy74efu02b0NwQOyRTP-puOgkI8rzCX5WQKQU-7LV34SngCNmNVOQ1czCrtbnr9uMGq9rIIeAp11WFkNIeiz-0-wPmAWjCy1mhr9lRx65AA1KPRXfyD70EZO-CfNPV-_TiiTG8wiIMsnUTHo_7xNxaZAJrYP2_YG-JmMMa91DsWQXqK5Gc9y7D5m-nPEIIKC_n1QzsVYKXI7MH6yaRgs-9Bkw8Zl-WJpxasGpRtlulueKASut04BZpGslH3LHBvDfDsCE-iEyiTEJzPWfS7SCO36D6nzKAghKDsy8-tpl8y5_-1f0X8SLKD5M31ZwL63ECeMMVOlpsLG6_mpp9HqRkg1EYGE4jTJw-bpV1pRRGZoFuN1ojfoM74FIfm-m4izHYgYaHyfKufeTYz4O19MVW1vqghsdhNnn5Utzq55il9NFZD1YL-STF7q9d-qdR3K7nUMp723wvMmxMbb3bHDT_5Gvl26CrIu391EEomUR9sWKZ687PuUc1OpuI36l_1vh-CZNmhEKQPwgVh3O9_pBjgYRRTircQ40em50tRy-0_kyqsS9L7M1Jx3oQThwW1PjSepcoJljyDsNjvbe0_sVWWWVolBMPKZo8Wb4_u7kWUbiydLpbOqpw9ROzvaYyEplGbgEGioHspwFiURa9R9Xgkj2CbOcs4xpkxQgHuhKafTjeOCZSt78jd4qjIIlE5d5T7QlFS8EtU0ubM0uw1vjbtYQLer3SQjPYx-GG8eVBj-H5pH8o-yHQHlYvQH2WoUY8wUXpW-lYsdq6p6CqqfKSH6pZCG8qqM2p_crAJpUY7Lm7yyv8ZPh1o3ynrR_jp7kzwLINnaGMEWjc9yezvMZDZorJb0ny-ppRl2GOdKuGSPWkV8QhBqzkBOrW3a578enqOT6ctihYk9gKU_0mh7MUNXqJsZAb34
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame E547 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWg-97deBYqTSAejD7_UP9-mnsAwAAAAAOAHgBAI&bg=!4-Cl4KTNAAZL3OSAa9w7ACkAdvg8WoY0fXaXY6IYSBbmPGj6FJRcwfQME0_sjjz6Ox8KYdZojVKS7gIAAAHRUgAAAAJoAQeZAuNVFLqfTLGo75gt8HbVI8Wk3WJHYN9bZIgXi90qFpvh2zaVVp7JJLoYwsR38wUFBESktB6_0EfV7Ri5Alit8L7OXwGcueCN-XVVtDKv3RjZzlZnUzlMRbM9wJ9y7zA2ojLuy1tIj7zvSdkwkeAv-umhfswJxpBiib1AwoehUGYGEbcGcyPkl8CBcLnWsaurLfVuNJ8UaQJxRF2-Bv4Aj6qs-mdgtHdFKYVdeau2G_q8BDQ4-Czmw2lifPX_BuWrnq6pwjNIKIRVfTf4aZwpWOBthFALdniN7uOa9w0ctHY_QV0IVPN9EH3ysJnPt70nkbTC_gXDcvbYqUnZt1CfS9MwftCeHBdzp75ji2XcITQngL3oOZfLA3yO0NVlYYvt2YR6EuGjUt_rG4INKhRLup9HdX-mhvhPu3IFBJNBj6Or2G-N8SHGN4V39CUX1bOpJkDO8f9xTPYEwUS3OG5q87Z6v6AnTIgUnRznVhpAuCeix9agBc-z52khnPE7149Y7U3W4i-6wzVN3tPImwN3D0j3kCtd-_wTyKytdxUVVcwVuJ30Xxrtjsdrv75MMeIpeG-FthCG86vMLPTbpZaFEG9M8ij5SIbfBM5b8OevloHjVBmoxVmWCUYC84AkYmyfPc31spleg5ZymRpg4MtG19mH2RIrSnY-PDzmerOBI3KR54KTNdsRTB5syf4DgAU0rvr44twZRqBmAjtjKLVgIUVcJqQa2EBnJi2GDNfDZC5t_nzWNrWE6_IJvDkqflGIv0ERVbVD_9cUjhtvbGj5J-MJ3oXqo9oI0k57Ijf2b_Q6RnjPYbFOT-ynRywMEKo8lRA_j-QaJIOSNG33A_ikeeOXtqO6JUDjGcdbBy-_ttqd1dklerN-ayiiPJEPPBTjJXnyHxQMjF7Nb_zigVDCSXzhelHNG2v-S-FNY0E-DTdOWh66Nuzu4XLC-hxC90WRc6U4-YULr1Pte90EPZi59K__23Oe
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 23FE
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=72556129-2dc0-4ecf-b2d8-03c8076df7ed&gdpr=0
49 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=72556129-2dc0-4ecf-b2d8-03c8076df7ed&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.192.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-192-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:51 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:50 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=72556129-2dc0-4ecf-b2d8-03c8076df7ed&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1624465
content-length
0
expires
Mon, 16 May 2022 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E757 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 16 May 2022 04:49:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C316 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
34276
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 19:18:35 GMT
expires
Mon, 15 May 2023 19:18:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4032 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
80e89f1ab0cf9c5d8f147cd072e62035be77e6ec20fcced3da878fd137333e8c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dXQBaeWwgQcyycY3Qnornw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-dXQBaeWwgQcyycY3Qnornw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 04:49:51 GMT
expires
Mon, 16 May 2022 04:49:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 409D 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYxlj7deBYuvPFNSiYITNlbAOAAAAADgB4AQC&bg=!s7ClsPTNAAZL3OSAa9w7ACkAdvg8Wh4gDa7eXgt9amv1HK12R77hiva3YFJ-IALA5qlrUdS-z0ZKbQIAAAHtUgAAAAJoAQcKAH_agF-HThs4Qjz4ZDvky5I2omMNdd0BYgLE-l6zGmlyXqj8ATGiaIrCEOOe3ZsNTLXPtwQ_4waJcnGQeIb9dvlZgZm1rwGpJ-HYwj1vQkhupZDkBDsSmKn3_K5UyjUEG5qbfvniLJn-nT8HGejpyKO_qg8mQlYLJ8XlrURfj1NOmQLbL4YhXX0ih4d7MSOrvL9qarRIPKsbiShqKhWlW__q8gJmGx01IzggYoP9PjOW26tA7_JTnamCSXgiaX0mmwgu0ItMnEjdLRs6SxtYqk3I6xQclOa7UBYH7SBLsU9P9qzxa90Ddo5tTDcD-wNwFFgVBehNmS48pTKp0juRKNU8REDGINM4zs8Td1vsJqnk8v7tZ12lafMv4VCkw5Sz2Qcf6J8meT8yXHObQxr6QepNV-S2tPJ8jCOE9n2D68MM06pYjWvxaGYFxE9gEEFFWNecu98PPFUsaQut8csuvm_vBiCDLm0yCCtZ6UtgjhUo78--3GlxJJ7ggddonjdZAqQ65Vf9-I_8QTxAj3s0a_0S4VhiN57xvN8TtyuqvD5S4710Ta6BM7PGcdcBYWoll4OSfMl0MbBTwbCPgdrsSNdYDqvyBVO9nl8knym6BaE1rNToTEz8XJz58NkgLMelK0GoGeHCbhbWo6Zc_bF3yyjBSZEXRlUiZfLomLwEm1GvcDWjrmDFSnscrKptCrWTPVcPVPHSjW-mjwjKdD6Y9UnaeDRDXf1htG9YvE9j1hlLQnUhr5LToJkBrfvXVoLLznLp8zvOV-b_HVyMvtDxJoWqmLeH9AxVR9ZYe06mWmXMUr1GW1wpKEsZVuM9BdWfSVEEH4IM3jmdbLnY9RFWNeyXHKVt_2WCs3l1_TWqFOnRLI1nsMobAAwJAtTwPMOewe4ydhhvJAWAZxpBIroma54JVZ932tGSshYzZJ8KuNXlreHys3gDgmxG-mnuk4l2PiNNLkimtCjWjz_KRq8mRtLmVH5-7sRU3lhOZ1Dx3jDnLQ80C11rT5Qh4MryRxYunVLZ5isFLaRTgFaNAAFoTjS0ZXGQIbXI9jtUCFlzgtO6sY2VxLowMsaAChn62PvSPkBRd8PC1uUxFsf5HqVyDl1tjdPxAjjoJ9wdBt05Db4KWB7mx2wNCwHPQN_1lqs
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6EFD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220511&jk=2145194115485608&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
um
u-ams02.e-planning.net/ Frame D035 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=c34d5ca477eefed6&uid=A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc34d5ca477eefed6%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Mon, 16 May 2022 04:49:51 GMT
server
openresty
logo.svg
s0.2mdn.net/sadbundle/5825321732835115008/ Frame E757 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5825321732835115008/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=dBmcLVCp8x&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0fe0dabaf5e69e88b98234e97cdd6b5dd26560b787c051167a3e9eddfbc284c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=dBmcLVCp8x&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 12 May 2022 22:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
283752
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1030
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 09:23:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 22:00:39 GMT
7062488226882609744
s0.2mdn.net/simgad/ Frame E757 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7062488226882609744
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=dBmcLVCp8x&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b56c21f94c846431e5d7471a8be28840608cfdb35658a50e292fb8a685e6dbcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=dBmcLVCp8x&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 12 May 2022 22:08:09 GMT
x-content-type-options
nosniff
age
283302
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143004
x-xss-protection
0
last-modified
Thu, 28 Apr 2022 11:21:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 22:08:09 GMT
truncated
/ Frame E757 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame EEE7 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 12:29:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
58849
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 May 2023 12:29:02 GMT
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame 930E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 12:29:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
58849
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 May 2023 12:29:02 GMT
rt=ifr
bcp.crwdcntrl.net/5/c=15238/rand=512117809/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20zdorovia.com.ua/ Frame 37EC 		163 B
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/c=15238/rand=512117809/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20zdorovia.com.ua/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.131.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-131-63.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
163
content-type
text/html;charset=utf-8
date
Mon, 16 May 2022 04:49:51 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-consent
absent
x-server
10.45.8.191
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 23FE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=77b3d96f99c0b77a98866c77...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=a9356281-d7ec-4400-bbc8-84d07d67853e&gdpr=0&gdpr_consent=
49 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=a9356281-d7ec-4400-bbc8-84d07d67853e&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.192.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-192-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:51 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Mon, 16 May 2022 04:49:51 GMT
Server
MT3 4390 fb8620d master nrt-pixel-x21 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=a9356281-d7ec-4400-bbc8-84d07d67853e&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 16 May 2022 04:49:50 GMT
dt
dt.adsafeprotected.com/ Frame C118 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=175e5155-c1ab-3214-1e9d-ce1a3354ee8e&tv=%7Bc:cKxVuk,time:1456,type:e,im:%7Bpci:%7Btdr:543%7D,pLoad:1206%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1456,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:400,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1083~0%5D,as:%5B1083~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:337,fm:t5YaxA0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c13%7C1c21%7C1c22%7C1c3%7C1c4%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2*.10933%7C1g21%7C1g22%7C1g23%7C1g24%7C1g25%7C1g26%7C1g31%7C1g4%7C1h11%7C1h12%7C1h131%7C1h14%7C1h2%7C1h3%7C1i1%7C1i2%7C1i311%7C1i312%7C1i4%7C1i5%7C1j11%7C1j12%7C1j13%7C1j14%7C1j15%7C1j21%7C1j3%7C1k%7C1l%7C1m1%7C1m2%7C1m311%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1g2.cf241038-dfaa-c8fb-fbbb-3077749aa256.49_970282-61278885%7C1g2*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:51 GMT
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame C118 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=970282&asId=cf241038-dfaa-c8fb-fbbb-3077749aa256&tv=%7Bc:cKxVuy,time:2646,type:e,im:%7Bpci:%7Btdr:2086%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:225,o:2421,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2415~0,1~100%5D,as:%5B2416~728.90%5D%7D%7D,%7Bsl:i,t:2421,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B224~100%5D,as:%5B224~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:262,fm:t5YaxA0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c21%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2*.970282-61278885%7C1g21%7C1g22%7C1h11%7C1h12%7C1i1%7C1i2%7C1i3%7C1i4%7C1i5%7C1j1.1002713-62059190%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1g2.175e5155-c1ab-3214-1e9d-ce1a3354ee8e.76_10933%7C1g2*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:51 GMT
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
7062488226882609744
s0.2mdn.net/simgad/ Frame E757 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7062488226882609744
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b56c21f94c846431e5d7471a8be28840608cfdb35658a50e292fb8a685e6dbcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=dBmcLVCp8x&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 12 May 2022 22:08:09 GMT
x-content-type-options
nosniff
age
283302
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143004
x-xss-protection
0
last-modified
Thu, 28 Apr 2022 11:21:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 22:08:09 GMT
logo.svg
s0.2mdn.net/sadbundle/5825321732835115008/ Frame E757 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5825321732835115008/logo.svg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0fe0dabaf5e69e88b98234e97cdd6b5dd26560b787c051167a3e9eddfbc284c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=dBmcLVCp8x&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 12 May 2022 22:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
283752
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1030
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 09:23:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 22:00:39 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4032 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220511&jk=466452259210995&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 94F9 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BewiG7deBYrvtFZqL7_UP5KuduA0AAAAAOAHgBAI&bg=!PD-lP3vNAAZL3OSAa9w7ACkAdvg8WmnN2TrpHfT7voL6m4iqYCef07oJmNt1lhptCwVcH5PmJj_MfAIAAAG2UgAAAAJoAQcKAF7jToZbMNxN_DKPBYhswjEn7R9GC13scw57l1KWCbjQAslSgpf9j-SUt2ugMZAQj75OOy4DjZM85_5q_AIf-5XI94Mh1VCu5HE1G0-09gc7aPilHEfP7i7OxJ_jxlJimQLzXRLVe15SEKFR3Z4Vg1xW3zWgLByrC_ZqjDozHb5oy87kIIJ6fdVS39ikTADf6oD2bkG2fMbBN4opY_6KiwyKZP8rozZ9plHPjstkFLSGZ9aIZzXqz-utx9AUQzwGNl6U9d6g3hFUXEPC_mYhFNa5C7CK-OUpCH1ZiB3u1JBFO6mwT2fwFM9X47m9B2SGfpcDhEfCobkx61xMH29-GyF4IWuUNuhKgQFFIu88YBq7KbqgfUmvKZfq8ilOJc9Cu1tdX7G0FUunU74HEBLtOJK0BAX2NsHYtOPyrKQuWf5QOW4QmVvN62MEg0DAFT1CaSu6vf0-yNsf9u_lvGNrDx9XBEgJchxFshyjXyYDvypBEmBkTxYpTvBZArAHq29t1YG5H4rmATtcBB3v3Wp23v_UmSnidCrW1U9fpJOU-on6Ef8u-mva6g-zMBy7AwzojA1FNnVaXE5Owhyx0RSYNU0VX_Tq9uvRx9p-QLOikN5cUxhu0Levs6lp4XCluOczGWI5rsdFXaxwzFV-gxB-UQA0622ahsndW2yTDwX7L6r15owwNEi0CXI_Bu8A9qCLsU32u2p17QtjcL-1L62SL--vfTrtPNXF2pvJvXXkAZrI71nu4NWMPBtYudyI2PvQHo6oVvqK6CJW93_4_yKUO8aIscW3nNK1zbMTnhd4rrYk8rQRlI-Zpuxu26b5QBknrEmwWy4Fv2tcpmOVJQWqWu7HM8twESKeYzzPyIZAfzZRZZG0Fp267x_oBOaBk7EXR-27FWYB6F3WbPbY7gEytnDA0LlvGkATFHpxnnApN3vd2VqWLxi1InFFvjQW5UWw6Dmn2Zcoykiqa15bmFlgymDJd1ETCCZ5aCL_ZNEiefFq6Q2JG4jGthKRghtTLIPSFvU89xJwysa90OjFVZ2XCbbAlA0Max8LyvRjXRVnSVtin5zA0e-0augCNz3c1Klt4GZE2BwBw5MNOReRUU0jCHkxCiZwWqfljoVMjH1wj3E-tOQa4as
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C118 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvavPPndbgecnNG4ahkinrDrKG-9Lrn_pmowD93oDho6ZiNOfjTQjBeu2OoKkdtJkRHC3aYLhcXKfYK71jHrxhMF6lo1sNZ&sig=Cg0ArKJSzOUmmJM-YcbREAE&id=lidar2&mcvt=1034&p=0,0,90,728&mtos=1034,1034,1034,1034,1034&tos=1034,0,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=2659756132&rs=6&la=0&cr=0&vs=4&r=v&rst=1652676587779&rpt=2505&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame C316 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 12:29:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
58849
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 May 2023 12:29:02 GMT
dt
dt.adsafeprotected.com/ Frame C118 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=175e5155-c1ab-3214-1e9d-ce1a3354ee8e&tv=%7Bc:cKxVwi,pingTime:0,time:1578,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:400%7D,%7Bpiv:100,vs:i,r:,t:1578%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1578,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:400,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1205~0,0~100%5D,as:%5B1205~728.90%5D%7D%7D,%7Bsl:i,t:1578,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1205~0,0~100%5D,as:%5B1205~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:337,fm:t5YaxA0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c13%7C1c21%7C1c22%7C1c3%7C1c4%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2*.10933%7C1g21%7C1g22%7C1g23%7C1g24%7C1g25%7C1g26%7C1g31%7C1g4%7C1h11%7C1h12%7C1h131%7C1h14%7C1h2%7C1h3%7C1i1%7C1i2%7C1i311%7C1i312%7C1i4%7C1i5%7C1j11%7C1j12%7C1j13%7C1j14%7C1j15%7C1j21%7C1j3%7C1k%7C1l%7C1m1%7C1m2%7C1m311%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1g2.cf241038-dfaa-c8fb-fbbb-3077749aa256.49_970282-61278885%7C1g2*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:51 GMT
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame 49E2 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BPqcO7deBYrLSNb_G7_UP0YWjyAYAAAAAOAHgBAI&bg=!dXaldjLNAAZL3OSAa9w7ACkAdvg8WtgRhJ5juZ7LD55-17mffC6Pxzv2XBZsScrZFGBM5mmrcKx3mgIAAAFjUgAAAANoAQeZAvOHj_E-SJHtesyuXt4JOmGZcVT2ynqPhMZoGrSZUV85S5glMg_kv6zEgc6p1RDLsshc2K7bNM-zzDgiQdNagbw1n3Ebk7A1Pl3HMiKgYEsiSc8IiLzAu_BRbs_tjt-bJbxmroqai0snI3EeTS6BUQeaSDppDbRXNEOU8lxvWVbmZZ1VZ247o3npE9jK-uWW_utD0iK3VSgWAqirH4UANVOZf3sBCfur8piL7uE_E27bjSKq72lyx-BwJfa26KWiehUenDFFY0i6KMw4DmIExKCRTFvdjMqoT5LcTAWqTpuyWwDAtna5L5snsK2cQ3mxueN53OSiF2Dmnxs-VdYdjnN_VyvOGzpm3SCm_IFIHUuHF15mveh7XcNA_sgSV42POAfBVMQD0Sq8HkRReMyVj6H_37teajgqmmeBTuIZ8w9IA9pkUS5lkTwtQ93j82NGSrY0Kpe62KvQlmpnFHirCbkvsUJWlJNAnd5DSUOTtW6MnqTeXNqgQGD6jMOHahCVkZRr8snGWbVN0V0XrF72jdyW5lycCuG2r-YYvlFF9EOHgYQrCKyinjXolCKMGVqZfMSitJLxuralIvqat2noshedk_OZMZbnSCnqrDK3rujVIG2IVwjzJxZbj6AvGQOTSuJo2Twn92nKUvB2SxWKhGlilgcN0WdKMtr3LrAf17uC56Id-8TU1nphT7LD2a0iSKlYoxBRVFiUTFi04KTC53hpYq6zvFduzXZZCJY0ePpeIM3iPdVl3erEJFr82FljMhcWvdqVvFxMeGNhFBynVxMjJM_QKPNHK1q6Np3Nv9I3kAbpfbFHpTqrP6lqHK4OHIC4WqNzMCHmH8qikOUUU5NAqMvF3JS-_Wu_phKxi53-0k4vKeaMk-HIlIBFcloN3J5Elyeo8U8lfXlG4cxIKW0yn_hBrq0Er9jR9yUHIW6tObqNFZZWs0uMF-k8TP1OcEnutUvA_xXoI29VwZOdf3SqEy0Pe3tHyZYW0Ge9WB6TcHconQ
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame EEE7 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ZUnjiA
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame F43F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220511&jk=2808109351545938&bg=!eHulez_NAAZL3OSAa9w7ACkAdvg8WobAaGO_eBodiczuUaf7EU1JUuwgcROx2V8y_0aDIDv3PBYO8AIAAAH2UgAAAAJoAQcKAJPX652jv6hc74mpfuMkQTI_t0iOUYxuIdRZPGgR_IYsSDMOYpiKwQNiy1LXWMvWBNVBeX0suqilj4xMKKaABpc1noTgqoM6pkw8j1CvBWXprlUiXXIYg0SaZ_eXk-3WG3igXXXogjBsV5JAKG5Wpl1jgx9derULjQWmp3vx9ZEQqpOvxEp3KkVFnQCQGD2S1RycbT6ZArgi9g2m_8G-WUOItLeiuXS11JVHQ0XnLgt_SeeiFPeMqRZoQe-5XMLKG9FVdUI8GnxIao6qrUANvPGK_EPpQKMV3FMrXvqyhORVL94oWXkhhBDxmU-bfMRQglYAYcrJp1Z696n-HW49TCLDZBnxIoq2gxWLlaLPaPuHYbEeJPfXAGuRQmz9toc6NcvHxKAr8DzJn47wo2wyamYFUZPCzZ-oIdEHKEIGUKydLIBKcQZ7gEh2fpYFCu_XxZT87u6Dmt_aljQ3b_cq63GntRPCKNBCs08m7c0ewOGQOu1qh-tktw_20iHN9HAnhLT9VfrTOr8sAvnCyZ6uf0sjKQpX0qsfh_oD-m4TObRr457fXevL4XmQfsLIbeGe4kCIM-j4mXXzsgr7kFxof7ue_mTDi_9E6QSks2V7c0axo2vod8TCtKXuIERex99Ue6gmxIqMKBBk5PxVjkZhBbsDqowYhHTtail4Oqyvx7yBPEK-fQyR5d7x29rTg8qmcIzqDCNgdIte_PV0JSonCawCai84MG3suHmKNK7awIq60HkR_CQW92T0xPbH0Vq2ROX-95zEqshsUt4Pa6L6TUckAN3tqKNA3eOinAjnszdsfQzD2x8J1VZcKFGMpCiaDN9U3xR2kH6WtSVZ1hdyNwbOVyfvY1vIaIVnRB4Iz91z8D8Nl4GP6hAs1XrjHFru1gkExZWOuSyDY__e-aybK1zvz5hzPlL4S8zot4F53FM54EEAsajV1wTv8union8oHYjWn9RDhqRZzlgSy5S7t7EQGG7kLC0NbydV-M9u7OBuWybL6tpUvHduBdpoIvlEU5OyZFJbAoGFUDyjjiIcRcxJIhwmICQqw4z3hTf9sfANN077AP7A_BLpJ4dd0HH3vUEjStnSt7ERAL4Pd9OX8mMcAQT_l1_5B6ndXEOmlbA
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame C316 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?9kFD6A
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
img
ih.adscale.de/sium/4080401b05044679bd7712338bc313b8/1652676588582/0/ Frame 23FE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=0fa804f0af57e30a1ebda4326cf1c42cdeef57465904b32ac882c2c72f3e9dca&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F408...
  • https://ih.adscale.de/sium/4080401b05044679bd7712338bc313b8/1652676588582/0/img?uid=0fa804f0af57e30a1ebda4326cf1c42cdeef57465904b32ac882c2c72f3e9dca&tpid=38&gdpr=0&tpuid=CAESEDzh0IpsNWjj_gNl5hhkHLQ...
49 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/4080401b05044679bd7712338bc313b8/1652676588582/0/img?uid=0fa804f0af57e30a1ebda4326cf1c42cdeef57465904b32ac882c2c72f3e9dca&tpid=38&gdpr=0&tpuid=CAESEDzh0IpsNWjj_gNl5hhkHLQ&google_cver=1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.192.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-192-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:51 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ih.adscale.de/sium/4080401b05044679bd7712338bc313b8/1652676588582/0/img?uid=0fa804f0af57e30a1ebda4326cf1c42cdeef57465904b32ac882c2c72f3e9dca&tpid=38&gdpr=0&tpuid=CAESEDzh0IpsNWjj_gNl5hhkHLQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
ih.adscale.de/sium/4080401b05044679bd7712338bc313b8/1652676588582/0/ Frame 23FE
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=9c899cc0951eaec0dd77db1325d67ec78e5d4a297884724422f0fac34b5766df&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4080401b050446...
  • https://tracking-a.dsp.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=9c899cc0951eaec0dd77db1325d67ec78e5d4a297884724422f0fac34b5766df&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4080401b...
  • https://ih.adscale.de/sium/4080401b05044679bd7712338bc313b8/1652676588582/0/js?tpid=48&tpuid=fc34556a4f86c2f31e79926eb6c38a91
44 B
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/4080401b05044679bd7712338bc313b8/1652676588582/0/js?tpid=48&tpuid=fc34556a4f86c2f31e79926eb6c38a91
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.192.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-192-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
22659c3fcd56ac434aef6da309a8e15e25fc07d0aaddc446949989709d6f772a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:52 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

location
https://ih.adscale.de/sium/4080401b05044679bd7712338bc313b8/1652676588582/0/js?tpid=48&tpuid=fc34556a4f86c2f31e79926eb6c38a91
date
Mon, 16 May 2022 04:49:52 GMT
content-type
text/plain; charset=utf-8
content-length
147
vary
Accept
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dt
dt.adsafeprotected.com/ Frame 74D9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1002713&asId=49966df8-6f11-3c62-a522-8ba0e153234e&tv=%7Bc:cKxVEI,pingTime:1,time:2624,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:300,h:0,t:30%7D,%7Br:r,h:250,t:245%7D,%7Bpiv:100,vs:i,r:,t:1621%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1003,o:1621,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1616~0,0~100%5D,as:%5B240~300.0,1376~300.250%5D%7D%7D,%7Bsl:i,t:1621,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1004~100%5D,as:%5B1004~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:276,fm:t5YaxA0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c13%7C1c21%7C1c22%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2.970282-61278885%7C1g21%7C1g221%7C1g23%7C1g3%7C1g4%7C1h11%7C1h12%7C1h131%7C1h14%7C1h2%7C1h3%7C1i1%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1*.1002713-62059190%7C1j11%7C1j2%7C1j3%7C1k%7C1l%7C1m1%7C1m2%7C1m31%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1j1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:51 GMT
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 74D9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1002713&asId=49966df8-6f11-3c62-a522-8ba0e153234e&tv=%7Bc:cKxVEK,pingTime:1,time:2626,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:300,h:0,t:30%7D,%7Br:r,h:250,t:245%7D,%7Bpiv:100,vs:i,r:,t:1621%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1005,o:1621,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1616~0,0~100%5D,as:%5B240~300.0,1376~300.250%5D%7D%7D,%7Bsl:i,t:1621,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1005~100%5D,as:%5B1005~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:276,fm:t5YaxA0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c13%7C1c21%7C1c22%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2.970282-61278885%7C1g21%7C1g221%7C1g23%7C1g3%7C1g4%7C1h11%7C1h12%7C1h131%7C1h14%7C1h2%7C1h3%7C1i1%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1*.1002713-62059190%7C1j11%7C1j2%7C1j3%7C1k%7C1l%7C1m1%7C1m2%7C1m31%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1j1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:51 GMT
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 74D9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1002713&asId=49966df8-6f11-3c62-a522-8ba0e153234e&tv=%7Bc:cKxVEK,pingTime:1,time:2626,type:c,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:300,h:0,t:30%7D,%7Br:r,h:250,t:245%7D,%7Bpiv:100,vs:i,r:,t:1621%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1005,o:1621,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1616~0,0~100%5D,as:%5B240~300.0,1376~300.250%5D%7D%7D,%7Bsl:i,t:1621,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1005~100%5D,as:%5B1005~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:276,fm:t5YaxA0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c13%7C1c21%7C1c22%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2.970282-61278885%7C1g21%7C1g221%7C1g23%7C1g3%7C1g4%7C1h11%7C1h12%7C1h131%7C1h14%7C1h2%7C1h3%7C1i1%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1*.1002713-62059190%7C1j11%7C1j2%7C1j3%7C1k%7C1l%7C1m1%7C1m2%7C1m31%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1j1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:51 GMT
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame C118 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=970282&asId=cf241038-dfaa-c8fb-fbbb-3077749aa256&tv=%7Bc:cKxVH4,pingTime:1,time:3422,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:34%7D,%7Bpiv:100,vs:i,r:,t:2421%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:2421,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2415~0,1~100%5D,as:%5B2416~728.90%5D%7D%7D,%7Bsl:i,t:2421,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:238,fm:t5YaxA0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c21%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2*.970282-61278885%7C1g21%7C1g22%7C1h11%7C1h12%7C1i1%7C1i2%7C1i3%7C1i4%7C1i5%7C1j1.1002713-62059190%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1g2.175e5155-c1ab-3214-1e9d-ce1a3354ee8e.76_10933%7C1g2*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:52 GMT
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame C118 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=970282&asId=cf241038-dfaa-c8fb-fbbb-3077749aa256&tv=%7Bc:cKxVH5,pingTime:1,time:3423,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:34%7D,%7Bpiv:100,vs:i,r:,t:2421%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1002,o:2421,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2415~0,1~100%5D,as:%5B2416~728.90%5D%7D%7D,%7Bsl:i,t:2421,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:238,fm:t5YaxA0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c21%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2*.970282-61278885%7C1g21%7C1g22%7C1h11%7C1h12%7C1i1%7C1i2%7C1i3%7C1i4%7C1i5%7C1j1.1002713-62059190%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1g2.175e5155-c1ab-3214-1e9d-ce1a3354ee8e.76_10933%7C1g2*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:52 GMT
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ Frame 2CD0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220511&jk=2145194115485608&bg=!19Sl1JDNAAZL3OSAa9w7ACkAdvg8Wi3_Gsz5VXP-f49K_lSx2YeYeTgIr61xk4rzhget1n1y2JhCFAIAAAD-UgAAAAJoAQeZAt0aNFjTTkZH16iWCAQLKR0gzGDbc0rOcS4Av2lNpd6NoGvVUPJHt3uRb9ntiPhMEuJz5Ussp17SfEOEVj-VFxFwkoWCUB6tz7Q63R-S2QJfiI-QFamh0AEZGv0ofK60nPjg6HxxlivYnVuYDBr-xJj348dA-LxmhzF6rJY0b7jPN_w65sbZwhOqaQ6dhlqf3yUrEwO_npMagk_99ZoP2Zo3PYRXnoXS1VY4vGPt2e-v6cqwm6boXlpoMkUSzX-lRq_rJP-j9EF-fSMyG1uiRH1ajgGmahm7u8ENEG2SZ9ouZu4KKJ7oWzHkHipJ5tOzXSKuTnCJGIg6QaTi3EMCPN9iHHXgM1PYzc8cfbyd_z_A_--F3UZsWCue3Q3TkDtUW7wSQ4k7mwnvOvRjHQPMvd7xetphpUROYQ7avOH8zr1O0NvtOpVlQFEsG_gEsfSeOr2Us8mJMBu3ljrOMe3xaMPBs2l5Ev-qPiqI2F45C5pBoexeK3VaSABuEZmNT1PJOahzeXDDEcLYDQRfZgnCBRpBS6LWbT66G_PIxLizotCaZr7CvbuZLtLMovRpgnkoBvzChSar9o9je1H0jduYdqi4Mf47gsnOKPh2B3c5L5WJzHkRxLM0bS55Lf14HqSyDfYEzw8k1WRjSfvNFIwgdvEzhs7o3oA9aJQUKjjSipf8xyPip__GLkwDcwcHyUKerR6rCzp_ovQrFpfQ_RiB7jiF5bquI0DVb5XfBrqeTq5rdWC-hYQrj5oAAjznnkHoxEWNrlWeGfGAE5RlvxSqyPa_veq_wwARzw_EklYDYSnpZTQa7F5VS6H34mh0qL9mBgaiCj71UGRdGz4X1_hiapdwr9e6s8521VXJ6PDSvKZyKqbH5QyubkLhTNsVa3ZjKFZbNYDGiJT0hlJDpIO0BoBtZPL2sJf0vsefxrg-RqW67Jca8rGq2Yu8N7SSGMjpo7ImzME-MI8UEl-GSltj
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame B421 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220511&jk=466452259210995&bg=!BwSlBEDNAAZL3OSAa9w7ACkAdvg8Wqp2gFJL9htGXdl-M9G5S_q8t6TbizR4GRT3K3iQWLdKmpk9FwIAAAChUgAAAAJoAQeZAt5UkpU7vQDWSngBZwTi7g_eE3nyEswwm6YIEXAwjL9QOrR_15M5ZgdIR671RNbcrRhs8qOh5ijIh4Czx_C1WoAiPrb0JlmFtFWV2Kog3KVjxSX8HclLTwoWQ1FEI3-KNp2GPEm7MnwL7cEvkZLKygVM9mWITtBpAAku4oHt8BgrRf7MGcedkkPhVTsm4DQmb8ALI3Nx-R8VWykmZLQk2fN94ANMG0UuLfw_DzvdcV4d-PWpY49EawsSORzcD3IHoZiN0ArcsXu75QEojVEMmT0Sjt1irUQuos8im3PCea44dSTuo4TfcqtDO4Beawky-jWGznxwKaqzfJ4uAUJI0neAn6uaIgvvy9ib6ZbYt_FazmDTSwG9JZ3zXl4elfaQOldMYXHD1mZqflThKeEECVRufhYBdGAFYsC3DO92u7I37jYy3-A9JMgw1Fpq_IAHobzxpn-4LKHIGrtlO6gQUyisamiAdoeFN2RSXmD1Vv2YlZ5R9HUbxD2TJ-pBMZTGs5O4vh6dXyt_YtjZzLjU3qFxHES1xUSbMsxNVwayUUndNbAv3z0MTgXPkBYGVPpEIi4GDp0WyKzaNIFNxrsCZdyLlXOm9dKn_ZN6mbIC4OvM7LmACgOrf5kgxLRFUlhsdTHBwJGSrN9xXG07aU6N-Upz_whVzFYQ87bLuZ9zeIIdnl72aZV_tsecULMsOULUjuNblZA35Z6Zbb-5A-cWp1o461dz16tXM6LPtAsM6KvNAZW4NfFhrnnaGJgaSz6cCjmx77Q_26-czfUKLYH-sdJHJRWRR85cQSmiRh5c4VaKNz8e05oaB-iCFcE4fS4k0DDc8NF_oYLLQjj6ifBpi2NQ57bSfm_Yy0oITC03w9ZiuLwP_Z0pge7ZEljZwL-_AdtCEgl6kAahVdwCr8Eo3bCtBWAF_Cav9o5ba9LpP4c-duJFJU6gHQEE3MwXOEbT0RSXK8nv8sQCLne0RNV2Hw
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sium
ih.adscale.de/ Frame 23FE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.192.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-192-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Mon, 16 May 2022 04:49:52 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
syncframe
gum.criteo.com/ Frame BB8E 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=zdorovia.com.ua
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
67b5149e118833c325f62559db1efb40d9047c5f6ea3e8e12685e28a2545f717
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
5883
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 04:49:51 GMT
server-processing-duration-in-ticks
3461
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame BB8E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=zdorovia.com.ua&sn=ChromeSyncframe&so=0&topUrl=zdorovia.com.ua&cw=1&lsw=1&topicsavail=0
  • https://mug.criteo.com/sid?cpp=OeE0InxZY2h0M2hsdmt4OVp1T0NObml0a1JBdGlZeVpOenYxZm85UzFWV0VtUXh2dWNnZ3RUeU1aTldqeEc5UjVWRzQ4YzV5TytXaGV2azYyVFhHVk12MHN3VVFNTmVqNEtyejhZVWFEb1h1ZWRBbFJkdlV6UkRjb0dxUG...
435 B
629 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=OeE0InxZY2h0M2hsdmt4OVp1T0NObml0a1JBdGlZeVpOenYxZm85UzFWV0VtUXh2dWNnZ3RUeU1aTldqeEc5UjVWRzQ4YzV5TytXaGV2azYyVFhHVk12MHN3VVFNTmVqNEtyejhZVWFEb1h1ZWRBbFJkdlV6UkRjb0dxUGNOTnFZSFg0YXRodDMyVktxVXBzVUJPTmFocHQvSkl6WElMT01JZHROQmZuMVpCMkh6dVgvUWkxN1pTOUErejBZQXdYeWZqZHAwZm1CeHIrSUNXdk85WG5wWEtjcXRFY0Q3RDNOYWF5VElFMUFLZ1k5WWZIVmoweUJKczJiSHFockVrWWlDRWplTEs0d29iM0hiay8yd2JsTjV2SzlKQT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
ef3a1b1e39dc4a23363fdf2c25649188244e8ead9f8b0e3159a278be86dcda45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:51 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3567
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:52 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=OeE0InxZY2h0M2hsdmt4OVp1T0NObml0a1JBdGlZeVpOenYxZm85UzFWV0VtUXh2dWNnZ3RUeU1aTldqeEc5UjVWRzQ4YzV5TytXaGV2azYyVFhHVk12MHN3VVFNTmVqNEtyejhZVWFEb1h1ZWRBbFJkdlV6UkRjb0dxUGNOTnFZSFg0YXRodDMyVktxVXBzVUJPTmFocHQvSkl6WElMT01JZHROQmZuMVpCMkh6dVgvUWkxN1pTOUErejBZQXdYeWZqZHAwZm1CeHIrSUNXdk85WG5wWEtjcXRFY0Q3RDNOYWF5VElFMUFLZ1k5WWZIVmoweUJKczJiSHFockVrWWlDRWplTEs0d29iM0hiay8yd2JsTjV2SzlKQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1319
content-length
541
expires
0
dt
dt.adsafeprotected.com/ Frame C118 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=175e5155-c1ab-3214-1e9d-ce1a3354ee8e&tv=%7Bc:cKxVMr,pingTime:1,time:2579,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:400%7D,%7Bpiv:100,vs:i,r:,t:1578%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1001,o:1578,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:400,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1205~0,1~100%5D,as:%5B1206~728.90%5D%7D%7D,%7Bsl:i,t:1578,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:198,fm:t5YaxA0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c13%7C1c21%7C1c22%7C1c3%7C1c4%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2*.10933%7C1g21%7C1g22%7C1g23%7C1g24%7C1g25%7C1g26%7C1g31%7C1g4%7C1h11%7C1h12%7C1h131%7C1h14%7C1h2%7C1h3%7C1i1%7C1i2%7C1i311%7C1i312%7C1i4%7C1i5%7C1j11%7C1j12%7C1j13%7C1j14%7C1j15%7C1j21%7C1j3%7C1k%7C1l%7C1m1%7C1m2%7C1m311%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1g2.cf241038-dfaa-c8fb-fbbb-3077749aa256.49_970282-61278885%7C1g2*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:52 GMT
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame C118 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=175e5155-c1ab-3214-1e9d-ce1a3354ee8e&tv=%7Bc:cKxVMs,pingTime:1,time:2580,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:400%7D,%7Bpiv:100,vs:i,r:,t:1578%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:1578,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:400,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1205~0,1~100%5D,as:%5B1206~728.90%5D%7D%7D,%7Bsl:i,t:1578,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:198,fm:t5YaxA0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c13%7C1c21%7C1c22%7C1c3%7C1c4%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2*.10933%7C1g21%7C1g22%7C1g23%7C1g24%7C1g25%7C1g26%7C1g31%7C1g4%7C1h11%7C1h12%7C1h131%7C1h14%7C1h2%7C1h3%7C1i1%7C1i2%7C1i311%7C1i312%7C1i4%7C1i5%7C1j11%7C1j12%7C1j13%7C1j14%7C1j15%7C1j21%7C1j3%7C1k%7C1l%7C1m1%7C1m2%7C1m311%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1g2.cf241038-dfaa-c8fb-fbbb-3077749aa256.49_970282-61278885%7C1g2*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:52 GMT
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame C118 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=175e5155-c1ab-3214-1e9d-ce1a3354ee8e&tv=%7Bc:cKxVMt,pingTime:1,time:2581,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:400%7D,%7Bpiv:100,vs:i,r:,t:1578%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1003,o:1578,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:400,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1205~0,1~100%5D,as:%5B1206~728.90%5D%7D%7D,%7Bsl:i,t:1578,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:198,fm:t5YaxA0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c13%7C1c21%7C1c22%7C1c3%7C1c4%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2*.10933%7C1g21%7C1g22%7C1g23%7C1g24%7C1g25%7C1g26%7C1g31%7C1g4%7C1h11%7C1h12%7C1h131%7C1h14%7C1h2%7C1h3%7C1i1%7C1i2%7C1i311%7C1i312%7C1i4%7C1i5%7C1j11%7C1j12%7C1j13%7C1j14%7C1j15%7C1j21%7C1j3%7C1k%7C1l%7C1m1%7C1m2%7C1m311%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1g2.cf241038-dfaa-c8fb-fbbb-3077749aa256.49_970282-61278885%7C1g2*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:52 GMT
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
SPug
simage4.pubmatic.com/AdServer/ Frame 2867 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc34d5ca477eefed6%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 0C06 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 04:49:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/ Frame 74D9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1002713&asId=49966df8-6f11-3c62-a522-8ba0e153234e&tv=%7Bc:cKxWHe,pingTime:5,time:6624,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:300,h:0,t:30%7D,%7Br:r,h:250,t:245%7D,%7Bpiv:100,vs:i,r:,t:1621%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5003,o:1621,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1616~0,0~100%5D,as:%5B240~300.0,1376~300.250%5D%7D%7D,%7Bsl:i,t:1621,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5003~100%5D,as:%5B5003~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:189,fm:t5YaxA0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c13%7C1c21%7C1c22%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2.970282-61278885%7C1g21%7C1g221%7C1g23%7C1g3%7C1g4%7C1h11%7C1h12%7C1h131%7C1h14%7C1h2%7C1h3%7C1i1%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1*.1002713-62059190%7C1j11%7C1j2%7C1j3%7C1k%7C1l%7C1m1%7C1m2%7C1m31%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1j1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:55 GMT
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 74D9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1002713&asId=49966df8-6f11-3c62-a522-8ba0e153234e&tv=%7Bc:cKxWHf,pingTime:5,time:6625,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:300,h:0,t:30%7D,%7Br:r,h:250,t:245%7D,%7Bpiv:100,vs:i,r:,t:1621%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5004,o:1621,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1616~0,0~100%5D,as:%5B240~300.0,1376~300.250%5D%7D%7D,%7Bsl:i,t:1621,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5004~100%5D,as:%5B5004~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:189,fm:t5YaxA0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c13%7C1c21%7C1c22%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2.970282-61278885%7C1g21%7C1g221%7C1g23%7C1g3%7C1g4%7C1h11%7C1h12%7C1h131%7C1h14%7C1h2%7C1h3%7C1i1%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1*.1002713-62059190%7C1j11%7C1j2%7C1j3%7C1k%7C1l%7C1m1%7C1m2%7C1m31%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1j1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:55 GMT
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame C118 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=970282&asId=cf241038-dfaa-c8fb-fbbb-3077749aa256&tv=%7Bc:cKxWJA,pingTime:5,time:7422,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:34%7D,%7Bpiv:100,vs:i,r:,t:2421%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5001,o:2421,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2415~0,1~100%5D,as:%5B2416~728.90%5D%7D%7D,%7Bsl:i,t:2421,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:193,fm:t5YaxA0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c21%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2*.970282-61278885%7C1g21%7C1g22%7C1h11%7C1h12%7C1i1%7C1i2%7C1i3%7C1i4%7C1i5%7C1j1.1002713-62059190%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1g2.175e5155-c1ab-3214-1e9d-ce1a3354ee8e.76_10933%7C1g2*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:56 GMT
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame C118 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=970282&asId=cf241038-dfaa-c8fb-fbbb-3077749aa256&tv=%7Bc:cKxWJB,pingTime:5,time:7423,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:34%7D,%7Bpiv:100,vs:i,r:,t:2421%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5002,o:2421,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2415~0,1~100%5D,as:%5B2416~728.90%5D%7D%7D,%7Bsl:i,t:2421,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:193,fm:t5YaxA0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c21%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2*.970282-61278885%7C1g21%7C1g22%7C1h11%7C1h12%7C1i1%7C1i2%7C1i3%7C1i4%7C1i5%7C1j1.1002713-62059190%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1g2.175e5155-c1ab-3214-1e9d-ce1a3354ee8e.76_10933%7C1g2*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:56 GMT
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame C118 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=175e5155-c1ab-3214-1e9d-ce1a3354ee8e&tv=%7Bc:cKxWOX,pingTime:5,time:6579,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:400%7D,%7Bpiv:100,vs:i,r:,t:1578%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5001,o:1578,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:400,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1205~0,1~100%5D,as:%5B1206~728.90%5D%7D%7D,%7Bsl:i,t:1578,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:199,fm:t5YaxA0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C19321%7C1933%7C1934%7C1935%7C1936%7C194%7C195%7C1961%7C1962%7C1963%7C1964%7C1965%7C1966%7C1967%7C1968%7C1971%7C1972%7C1973%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b26%7C1b27%7C1b28%7C1b29%7C1b2a%7C1b2b%7C1b2c%7C1b2d%7C1b2e%7C1b2f%7C1b2g%7C1b2h%7C1b3%7C1b4%7C1b5%7C1b6%7C1b7%7C1b8%7C1c11%7C1c12%7C1c13%7C1c21%7C1c22%7C1c3%7C1c4%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2*.10933%7C1g21%7C1g22%7C1g23%7C1g24%7C1g25%7C1g26%7C1g31%7C1g4%7C1h11%7C1h12%7C1h131%7C1h14%7C1h2%7C1h3%7C1i1%7C1i2%7C1i311%7C1i312%7C1i4%7C1i5%7C1j11%7C1j12%7C1j13%7C1j14%7C1j15%7C1j21%7C1j3%7C1k%7C1l%7C1m1%7C1m2%7C1m311%7C1m4%7C1m5%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7%7C1o8,idMap:1g2.cf241038-dfaa-c8fb-fbbb-3077749aa256.49_970282-61278885%7C1g2*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e08:b1b7:7be2:2f21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:56 GMT
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
tt
a4p.adpartner.pro/ Frame BD58 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=10&apuid=994efe04-d65e-470d-805e-cbccac7770d7&session_pageview=1&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.5118770847774199
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Mon, 16 May 2022 04:49:56 GMT
server
nginx
tt
a4p.adpartner.pro/ Frame 2335 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=10&apuid=994efe04-d65e-470d-805e-cbccac7770d7&session_pageview=2&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Mon, 16 May 2022 04:49:58 GMT
server
nginx
tt
a4p.adpartner.pro/ Frame 8A0F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=10&apuid=994efe04-d65e-470d-805e-cbccac7770d7&session_pageview=3&session_id=37e551b5-cc68-42f6-b0b1-2e202c2ed668&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Mon, 16 May 2022 04:49:58 GMT
server
nginx
6.gif
p4-glvpu23wciors-idpfrs6p3ci7rs7w-259981-i1-v6exp3.v4.metric.gstatic.com/v6exp3/ Frame 78F6 		35 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p4-glvpu23wciors-idpfrs6p3ci7rs7w-259981-i1-v6exp3.v4.metric.gstatic.com/v6exp3/6.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.146 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://p4-glvpu23wciors-idpfrs6p3ci7rs7w-if-v6exp3-v4.metric.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:59 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 01 Jan 1990 00:00:00 GMT
6.gif
p4-glvpu23wciors-idpfrs6p3ci7rs7w-259981-i2-v6exp3.ds.metric.gstatic.com/v6exp3/ Frame 78F6 		35 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p4-glvpu23wciors-idpfrs6p3ci7rs7w-259981-i2-v6exp3.ds.metric.gstatic.com/v6exp3/6.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2012 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://p4-glvpu23wciors-idpfrs6p3ci7rs7w-if-v6exp3-v4.metric.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 May 2022 04:49:59 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ad.atdmt.com
URL
https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=27815369;s.a=3213511;p.a=336160545;a.a=528132699;cache=230036174;
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJiw-mQ9CT_79vVz8K8lvn4&google_cver=1&google_push=AYg5qPIFvpGzc9RV_F8IjTGTA3Mp8WaWyukq4yUvSeylx-aaY-3kJSTG0sBp20lJYpHh2Z4s4HFkr_7tdnaaDvostqbzIG_jZ3gnow
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJiw-mQ9CT_79vVz8K8lvn4&google_cver=1&google_push=AYg5qPJFWT9gXz7gsqzjkOf1L5o1iCVfzu9xWZOV7S57-7ioAdrjv5tL-GSD2OyP2utn0kEqSPpyhZ-egqvd4mHrE5LDHgsXlWoJlg

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| oncontextlost object| oncontextrestored function| structuredClone undefined| returnExports function| videojs object| vttjs function| VTTRegion function| WebVTT undefined| Youtube function| $ function| jQuery object| ddmenu function| setEqualHeight function| setCookie function| getCookie function| deleteCookie function| contentBorder function| validate function| json_encode function| toggleSpoiler function| addcat function| ShowOrHide function| DoDiv function| check_uncheck_all function| showpreview function| insertext function| insertimage function| quote function| confirmit function| emailCheck function| in_array function| center_div function| sack object| admixerVast object| globalAmlAds object| head object| script object| _gaq string| iS object| iD object| iP string| iR string| iT string| iH number| iI number| f string| x object| bmN object| bmD object| bs object| bm object| bmS string| r object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| _gat object| gaGlobal object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ function| HELPER object| admixerJSONP object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| admixerLoad object| globalAmlLoad number| bannerNum object| adexOpt object| APC string| unitNum object| functionCallbacks boolean| functionLock boolean| apuidExists function| waitForApuID boolean| initVisitTime object| logVisitTime number| sessionPageview object| result string| key string| apuid object| sessionData object| loadedBanners object| onMainScriptLoad object| loadAdpartnerBranding function| adpartnerBranding object| hb_dmx_res object| banner1550_2156640030855472 object| ap_br_img number| k function| html2canvas function| _open object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_123 object| Criteo object| Criteo_123 object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| googletag

177 Cookies

Domain/Path Name / Value
.admixer.net/bs Name: am-uid
Value: 6deaa01ea694467c91fb456d0d463654
.zdorovia.com.ua/ Name: ngTrackID
Value: 11cf04491f5280ad9403fc5b283d0fbb
.zdorovia.com.ua/ Name: PHPSESSID
Value: es6pvkn18i0smrmoh8t5i09fu2
zdorovia.com.ua/ Name: b
Value: b
.youtube.com/ Name: YSC
Value: zgfNkAH9lJI
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: sxgQ_IfCryg
.zdorovia.com.ua/ Name: __utma
Value: 148597372.295295263.1652676586.1652676586.1652676586.1
.zdorovia.com.ua/ Name: __utmc
Value: 148597372
.zdorovia.com.ua/ Name: __utmz
Value: 148597372.1652676586.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.zdorovia.com.ua/ Name: __utmt
Value: 1
.zdorovia.com.ua/ Name: __utmb
Value: 148597372.1.10.1652676586
zdorovia.com.ua/ Name:
Value: store.test
zdorovia.com.ua/ Name: session_id
Value: 37e551b5-cc68-42f6-b0b1-2e202c2ed668
zdorovia.com.ua/ Name: site_visited
Value: 1652762986.1
.yadro.ru/ Name: FTID
Value: 1YWTVg31EnuK1YWTVg0029rm
a4p.adpartner.pro/ Name: apuid
Value: 994efe04-d65e-470d-805e-cbccac7770d7
a4p.adpartner.pro/ Name: apudmg
Value: 1
.yadro.ru/ Name: VID
Value: 3ADPVv3ZG-OK1YWTVg002Hhp
.admixer.net/ Name: am-uid
Value: 6deaa01ea694467c91fb456d0d463654
.ads.go2net.com.ua/ Name: am-uid
Value: 6deaa01ea694467c91fb456d0d463654
ads.us.e-planning.net/ Name: CT
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBOrXgWICENOsJ4DoRNTkql18gwg48Y4FEgEBAQEpg2KLYgAAAAAA_eMAAA&S=AQAAAuf9ZGO8d3NSS5Vg8QcL1p4
.e-planning.net/ Name: E
Value: AMYyWws39/HFeX7f
.creativecdn.com/ Name: u
Value: 2SXOMgqSDrAZrWTYIox1
.creativecdn.com/ Name: ts
Value: 1652676586
.exchange.buzzoola.com/ Name: uuid
Value: 22220c23-28ae-4cb5-5085-c30cd49646dd
.casalemedia.com/ Name: CMID
Value: YoHX6pnKchycMLvXJupRmwAA
.casalemedia.com/ Name: CMPS
Value: 711
.adnxs.com/ Name: uuid2
Value: 4344810612192819393
.adform.net/ Name: C
Value: 1
.lemmatechnologies.com/ Name: uid
Value: 9c74822b-d4d3-11ec-87e6-801844df107c
.zeotap.com/ Name: zc
Value: a2c63042-dfd9-4aab-694e-7d71b699d6b5
.adform.net/ Name: uid
Value: 8624539296363438648
.casalemedia.com/ Name: CMPRO
Value: 648
.richaudience.com/ Name: avcid-zeo-uid
Value: a2c63042-dfd9-4aab-694e-7d71b699d6b5
.openx.net/ Name: i
Value: 78736a23-88ee-4b8d-8d60-60064ff137c7|1652676587
pa.tns-ua.com/ Name: uid
Value: ZE35EAFBCF01481CBD0CEAA00EDBB92B
.tapad.com/ Name: TapAd_TS
Value: 1652676587273
.tapad.com/ Name: TapAd_DID
Value: 78502984-e40b-4c8b-bf25-8df5f64abece
.360yield.com/ Name: tuuid
Value: 0f76f5df-ad5f-46e1-905b-5dfbe1e5cfbd
.360yield.com/ Name: tuuid_lu
Value: 1652676587
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 15a7c0d5-d557-5288-97b1-c8b0f5301f5b
.betweendigital.com/ Name: ss
Value: 1
.tidaltv.com/ Name: tidal_ttid
Value: 85266d42-bcbc-4dc9-a673-ad4ca28d15a6
.demdex.net/ Name: demdex
Value: 58190441442167557482990353383370800544
.bidswitch.net/ Name: c
Value: 1652676587
.bidswitch.net/ Name: tuuid_lu
Value: 1652676587
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjS0tDK0MAIAoU513AkAAAA="
.betweendigital.com/ Name: ut
Value: YoHX6wAGeED8UED_swYiLmNsTuRezDby5fqcrw==
.weborama.fr/ Name: AFFICHE_W
Value: CbiVwuuL9H0J63
.dpm.demdex.net/ Name: dpm
Value: 58190441442167557482990353383370800544
.adfarm1.adition.com/ Name: UserID1
Value: 7098191892038285455
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16990%3b%24o%3d11100
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.bidswitch.net/ Name: tuuid
Value: 43a463dd-7420-4b16-b08f-8612740af562
zdorovia.com.ua/ Name: lapuid
Value: 994efe04-d65e-470d-805e-cbccac7770d7
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7
.agkn.com/ Name: ab
Value: 0001%3A%2B4W%2BynFDxe%2FAinDDJXNEtsS7KfAO8FUM
.doubleclick.net/ Name: IDE
Value: AHWqTUnmCyDYJYO4v7WbwzaGF7fYWR9mJg01HDNg4Ao3dK7JRDeCwpQFyMETwzO0uko
.adtelligent.com/ Name: a319130
Value: c6bafb1f-6ba7-4d43-9af3-13d6ddfda193
.adtelligent.com/ Name: a307971
Value: AMYyWws39/HFeX7f
.adtelligent.com/ Name: vmuid
Value: 1d5ae89843810fa6
.adtelligent.com/ Name: a307558
Value: 994efe04-d65e-470d-805e-cbccac7770d7
.adtelligent.com/ Name: a297253
Value: 4344810612192819393
.adtelligent.com/ Name: a309255
Value: 9201dab5-98f6-4793-bc3a-68fbaa8dc6b7
.adsby.bidtheatre.com/ Name: __kuid
Value: afbc047e-c000-47c9-b15b-740c22b29d03.421890587
.krxd.net/ Name: _kuid_
Value: O1xPneAk
.adtelligent.com/ Name: a289656
Value: 0f76f5df-ad5f-46e1-905b-5dfbe1e5cfbd
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ed778bc6-bdb9-4ded-aa4d-bf78ee9ccce3-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.quantserve.com/ Name: mc
Value: 6281d7eb-c04ad-87629-e71fa
.simpli.fi/ Name: suid
Value: 32C6ECA5D3B440279FE124B47F93ECDB
.turn.com/ Name: uid
Value: 4563681998453056354
.de17a.com/ Name: guid2
Value: 1.1554987726123330793
.adtelligent.com/ Name: a323546
Value: YoHX6pnKchycMLvXJupRmwAA&648
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YoHX6wABp-nfHwAj
.bidr.io/ Name: bito
Value: AABZtk7FA7AAAEWhz7hhQg
.bidr.io/ Name: bitoIsSecure
Value: ok
.spotim.market/ Name: vmuid
Value: 1d5ae89843810fa6
.spotim.market/ Name: a323548
Value: 4344810612192819393
.onaudience.com/ Name: done_redirects104
Value: 1
ads.playground.xyz/ Name: connect.sid
Value: s%3AJ6kze5NTHWXj1PZ8c1FeecIIFZQvsFnq.WVlyoSFWw5bLu2VMMi5XgG3p0BheRatb35GWbAhJLa0
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7098191892038285455&KRTB&23369-7098191892038285455
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YoHX6wABrEVSHgAo&KRTB&22978-YoHX6wABrEVSHgAo&KRTB&23194-YoHX6wABrEVSHgAo&KRTB&23209-YoHX6wABrEVSHgAo
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8624539296363438648&KRTB&23263-8624539296363438648
.mfadsrvr.com/ Name: tuuid
Value: 0d1d89df-1b6e-4182-8ccb-d1e0a5838ade
.mfadsrvr.com/ Name: c
Value: 1652676587
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4563681998453056354
zdorovia.com.ua/ Name: session_pageview
Value: 1652676588.3
.fwmrm.net/ Name: _uid
Value: "e9ab0_7098191892030841021"
.onaudience.com/ Name: cookie
Value: 33e33dbc41f1230c
.onaudience.com/ Name: done_redirects147
Value: 1
.zeotap.com/ Name: zsc
Value: %1F%D3%E8%B14%B2C%A3%C6J%A9%DF%B2%F3%C9%E4d%23%FEs%A1%88%98%86%E5%8E%60%BD%95%E1F%DA%00K%F5%AF%5D%F4%D4%FED89%B8G%C2U%7C%1F%9EB%C6%8D%124M%CF6%FB%E4%E1%12%D3T%23%DD%19l%0E%CA%13%86%A1%8D0F%CC%7C%7B%91%1B%C7%18%FDs%E7%C7%B4Rd%00%23b%D7%84%09%85%85%BFW%9BtTz%0F%D35%F4Y%13%0AZ%85%CA%D6%07.%8D%A9%CC%5B%DA%BC%83%5BY%05i%D4%14%9E%02%2A%9A%A9%D3w%13%B2h%0A%AF%A1%C9%94%83%1D%0F%3D%F8%EE%24R%A8%81%B1%ED%CA%24%D4%B9%19%2B
.mfadsrvr.com/ Name: tuuid_lu
Value: 1652676588
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1652676588
.mfadsrvr.com/ Name: bsw_uid
Value: 43a463dd-7420-4b16-b08f-8612740af562
.console.adtarget.com.tr/ Name: vmuid
Value: be9ac51343071db7
.console.adtarget.com.tr/ Name: a502624
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a544989
Value: ${USER_ID}
.zdorovia.com.ua/ Name: __gads
Value: ID=476014c565d1e2f7-227bf61596cd0099:T=1652676587:RT=1652676587:S=ALNI_MadE_hT3SxRqiljCQEI9ntdDFGsHQ
.adtelligent.com/ Name: p440467
Value: 6deaa01ea694467c91fb456d0d463654
.console.adtarget.com.tr/ Name: a550070
Value: ${USER_ID}
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-89d6cabd-7b9a-473c-6248-6ce24d096b32.pEL12UUWL4d3UMHdNE2LO9WH5f5hX168NZ%2BlECAEQ3Q
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AidbKvXuaRzxiSGziTQlrMtmKxGk.b569G01FvQ0cLEPjbpRmyWy9hHrnhw01Rq4qvRyMqb0
.adscale.de/ Name: uu
Value: 379404069fe0475bb5057bd64d385829
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-idbKvXuaRzxiSGziTQlrMtmKxGk
.pubmatic.com/ Name: PUBMDCID
Value: 3
.console.adtarget.com.tr/ Name: a307080
Value: 2SXOMgqSDrAZrWTYIox1
.console.adtarget.com.tr/ Name: a307457
Value: 8624539296363438648
.tribalfusion.com/ Name: ANON_ID
Value: apnsIHRkP6j6eCno77Ek03xZanfgyqd9gTnIa4jDo9rw83WQqdmNTYaZckeNo1Q2fKCvZcNS7X93l4Zan9lrQGZcHZa3JZd
.eyeota.net/ Name: SERVERID
Value: 24143~DM
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-1554987726123330793
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-39puKE4JaSaYQSMXSRShXUaS
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4344810612192819393&KRTB&23339-4344810612192819393
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEDLexWjta8F_pdVXpcUgzkk&KRTB&16514-CAESEDLexWjta8F_pdVXpcUgzkk&KRTB&23025-CAESEDLexWjta8F_pdVXpcUgzkk
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-WRx_twsZIuRCTXeyDkpqvlgYdb9CS3C3CU_OZZwx&KRTB&19420-WRx_twsZIuRCTXeyDkpqvlgYdb9CS3C3CU_OZZwx&KRTB&22979-WRx_twsZIuRCTXeyDkpqvlgYdb9CS3C3CU_OZZwx
.audrte.com/ Name: arcki2_ddp
Value: CAESEPgRzG0uQqZtaLRezPkhtN4!20210804!1652676588311
.audrte.com/ Name: arcki2_adform
Value: 8624539296363438648!20210804!1652676588303
.audrte.com/ Name: arcki2_TTT
Value: 1652676588304!3lgGzTh9LMoTqeLEeOjAAfUzw!H4sIAAAAAAAAAB2WR5IEMQgEH6MzERJC7jky8P8nTPYc1syuGmGqks7dtb595akvqXG2LC1bzqr3tfo0yklrvNXUVEbxLra2ytojS1123r0+n49UTtZodkVtHzEvT5ZHFns9arnRTqw0b+yqs4lXNbHau2yvRfpc4bec4iOnXkebY/HXkzmU15a9bcgp09o6b9a+0+laynocuquJ9RWyW5kk7nc8co8oqYZHHXEl92ikG0tW3y5vFW/W8yRAum/Ok28XknexO6ucGSp6SKq+trSvtOd9Z7YpnmmWnd44RPaatc1io+Tak3q7c12V631xyNuX8xHuOZOM/ERLy9e23Y/sGFPqbEv2Jdy6vQwv5tki9dvD+/Svejqu1qguaEZoK7fkfLYl5bJdXpN3Hh2351R3jpxhty/LVrjO3S3nQjqzX6nVsqyqS8bxU6od6xFpzKl0fsjkN7H2AhW0KxxY8ZSDXtLI1Hq6idurJEYJ5yye6aV/Fa1Dn0ps99yq3CiFsWyua1olm57cW3YfI9lecepGBXeG2LCgmWNJkINnv3WfmXYoethPqmciKSWuTk7vMrjYlwFT3SoZjRoCqXRnEJNpZNmZJw/h5mR2pXSLOYQpqNTb0NO8W2bOq5bKo3HSvuMM6pCtip4MvZxzj0StA0FexyAJjd51Dzn1ur+cHnrTKRknRC+uZc7UJkJCqnJqZcDv01N5Jtjj9aMt18p1RTWXYLaBKE07bsn4IlqhTfucnnfSmKszP+lcyqFzZQYanfhuEDdXfFd3QVdoPDYlkgaW+nxz6rNT9Pk9iK7ZcL8P3206/hr/n61Jm1nzfWOX0dLtZ24dzLZfNP4Um4+zxOOZ26yRbSYHCtyP8ms8bJ7pU8echu1yGfRTc6o4u0Xucq/+I9GnelDz6jrRP0CIpKPF2mRS/8DYlcTrXtK6Di3dp96VtDHErzuggkuQo8z3Vddzn0eV6dRkuTWAElT3dTSXTnUFw/vuXufGSBcHe+CtLfiMTHCvrIdXK2Pw0c/Tzljm3FeJ1Nf8bH4UZWW82iO/bfY5GT4VuzFR9mbK8O0wFmw8e/NgfGOWm9akXQcPKLMUKyh3de7cuqEDntnPE0UwYvi2cD6z++ibGcAk1Iry9tCXsrexBwKKNcbnlkqQulAeP5gwUvR06cHlg9TxBh2tAEUfhwrgBvCM4yV4hn4QLcj+choq06wI/P8ERYTW0svXtQ2T8pScMiXCcZe97o14gIcW6MpmIz9ppVdmg++O/Xt7dzu4a4Ylq/xJYwjUQFRYURDOoLfjRYPSX8cNbdVGdd3QWz2oZPJZ4naDUyDdI9mteB5fNt/waaMShFqkRcV/o7Ss+4u0HaGS6fscDFq29QJ9K5YMvrunZ4/eK5cEu4N/gAGDaed5XQ3uM7bEowQuVV7+Ftgg0snMGwe1G9Y78EqGO/sCTQN7YM6/xgu99+PTYDM3pQlkD1wn0/y1ADCeZ5O2+Y6Tx0fmRL+AAioBtcFG+AZcUGYUZrkQS0Uqd1Jca0fQDIv6Q8fuxsepeutS1lxNSxUQgYnrh+t0f+hxlXIX06KHzwaHWs7zTOHr28GtoHGW4slr6uqjHMspl8xSK8Z7wVrf2sF3NFfyOoj6fo3tye/u+8FUtvLnNkQzG5BZMQIZlw3w0l6682vEbyyoWtn2qzkwJw/tcDIAxg2v33YREqDjHerwnILg52XuitVfujdf7fBP+wcEZcpTNxwusAhHWH+WMvt5wQmkFsiX3+F8fMo8rIfLCvGZ6sx3lnW+NxAiYUyBfBOEOtwdo/VvdmvkDVnF34dDIIGleElCx0zldow3U59BciyDrvd7DWFsMxZtv51d3uwNjYRZ7lOkdtj5WArlzsFKLkDnBbTuD/QsmFdxo4EPZodeDkjHfMaKKfVaG6z8MZANOX1vWgZkvkXdJbM1dZj6uc4qu2v2yg5GDrCAzboeDgaSn8eNEbTUrrNYKfxedjQ+hXSvgoZmTmUHta2EkRRLNwEaKLNR5+YO0DBQQfjed6fApI1eSKG1n+94DbGL5GssDWfBPk0o7AK6LON7r7AH8QGgSoYoRgRcURKu0/q55a3OlnLq3DiB1wROxHut2PsBCmQ8fLEKAAA=
.console.adtarget.com.tr/ Name: a307565
Value: 379404069fe0475bb5057bd64d385829
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?`MgyNV!@wnfH8K6pQK`!5=E<*L5?%M1j(7.$7#RZH0j$z`6(+uJYsEoR8nFteu-ojo%nugO%v4VB%nn>1*)]fA
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:feab6281-d7ec-4a00-aa6a-45a1ef2c8ea1&KRTB&16736-uid:feab6281-d7ec-4a00-aa6a-45a1ef2c8ea1&KRTB&23019-uid:feab6281-d7ec-4a00-aa6a-45a1ef2c8ea1&KRTB&23208-uid:feab6281-d7ec-4a00-aa6a-45a1ef2c8ea1
.mathtag.com/ Name: uuid
Value: a9356281-d7ec-4400-bbc8-84d07d67853e
.fg8dgt.com/ Name: tuuid
Value: 9243fe59-2884-45db-aabf-416254d432c0
.fg8dgt.com/ Name: c
Value: 1652676588
.fg8dgt.com/ Name: tuuid_lu
Value: 1652676588
.doubleclick.net/ Name: DSID
Value: NO_DATA
.casalemedia.com/ Name: CMRUM3
Value: 2d6281d7ec2760CAESEPuNOzefaCb38IAiK0knlko
.admixer.co.kr/ Name: __auid
Value: e062321c9066b38c5d731430d6ec099d
.admixer.co.kr/ Name: __puid_103
Value: 6deaa01ea694467c91fb456d0d463654
.admixer.co.kr/ Name: __id_utm
Value: 20220516
.admixer.co.kr/ Name: __id_inf_103
Value: 0_6deaa01ea694467c91fb456d0d463654
.quantserve.com/ Name: d
Value: EO0BDgGTJoEO-TA
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-43a463dd-7420-4b16-b08f-8612740af562
.ibillboard.com/ Name: ibbid
Value: BBID-01-03273905892376002-16604280
.advertising.com/ Name: APID
Value: UP9dd431c4-d4d3-11ec-b16c-02080fde3794
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.spotxchange.com/ Name: audience
Value: 9de00524-d4d3-11ec-987b-125b01370106
.addthis.com/ Name: na_id
Value: 2022051604494900014182199675
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 6281d7ed0daf51d8
.addthis.com/ Name: ouid
Value: 6281d7ed00010a40d31082aadd2d3934cb68f8b1f6721229778a
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20220516
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.analytics.yahoo.com/ Name: IDSYNC
Value: "1985~24ws:18z8~24ws:1762~24ws"
.casalemedia.com/ Name: CMST
Value: YoHX62KB1+4A
.rlcdn.com/ Name: rlas3
Value: m16DccUomv3nksd792CMPaaCXLlW9XtO8DV8eRR6z+I=
.rlcdn.com/ Name: pxrc
Value: CO6vh5QGEgUI6AcQABIGCOndKhAA
.pubmatic.com/ Name: SyncRTB3
Value: 1653955200%3A35%7C1653523200%3A63%7C1653868800%3A166_57_176_204_55_8_165_233_3_56_81_13_7_21_189_5_88_222_22_71_104_234_99_161_220_54_243_238_231%7C1653264000%3A2_15_223%7C1657843200%3A69%7C1655251200%3A203
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: DPSync3
Value: 1652745600%3A174%7C1653868800%3A221_226_235_201_197_219_227_241_245
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1652698190624
.fiftyt.com/ Name: fifid
Value: dc31c4e8-7bcf-441a-5670-b53b1d3918a9
.fiftyt.com/ Name: cs
Value: MTY1MjY3NjU5MHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fEcPs0GlFJxbd0MB-X38udsK1Wo949VevvvI25rz1BcE
.audrte.com/ Name: arcki2_pubmatic
Value: A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7!20210804!1652676590635
.adtelligent.com/ Name: a281178
Value: A8AB6C90-999A-4FE3-B7EF-FBBEABF2AAD7
.semasio.net/ Name: SEUNCY
Value: FF060837D09DE924
.w55c.net/ Name: wfivefivec
Value: wOorq53C1NQsG25
.w55c.net/ Name: matchpubmatic
Value: 5
.fiftyt.com/ Name: fppm
Value: 20220516044950
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:wOorq53C1NQsG25
.audrte.com/ Name: arcki2
Value: 3lgGzTh9LMoTqeLEeOjAAfUzw!20210804!1652676590824
.ipredictive.com/ Name: cu
Value: 9eda09f3-d4d3-11ec-8d6c-0bf2ab20b56d|1652676590992
.criteo.com/ Name: uid
Value: 72556129-2dc0-4ecf-b2d8-03c8076df7ed
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-9eda09f3-d4d3-11ec-8d6c-0bf2ab20b56d&KRTB&23011-9eda09f3-d4d3-11ec-8d6c-0bf2ab20b56d&KRTB&23355-9eda09f3-d4d3-11ec-8d6c-0bf2ab20b56d
.pubmatic.com/ Name: PugT
Value: 1652676591
.adscale.de/ Name: cct
Value: 1652676591667
.m6r.eu/ Name: test
Value: true
.m6r.eu/ Name: cct
Value: 1652676592050
.m6r.eu/ Name: id
Value: fc34556a4f86c2f31e79926eb6c38a91
.ih.adscale.de/ Name: tu
Value: 4#3521020899#48~fc34556a4f86c2f31e79926eb6c38a91~459076~0~0#101~BBID-01-03273905892376002-16604280~459076~0~0#38~CAESEDzh0IpsNWjj_gNl5hhkHLQ~459076~0~0#39~a9356281-d7ec-4400-bbc8-84d07d67853e~459076~0~0#40~72556129-2dc0-4ecf-b2d8-03c8076df7ed~459076~0~0#42~8624539296363438648~459076~0~0#108~a9356281-d7ec-4400-bbc8-84d07d67853e~459076~0~0#63~YoHX6pnKchycMLvXJupRmwAA&648~459076~0~0
.zdorovia.com.ua/ Name: cto_bundle
Value: lsn_ql93OWlBRVpDUDJqaVpEeGslMkJyM0hKUnJMWlpRZWdISlZjU1VjUTdjaSUyQnhQbmRCUWREa3ZZTTJLYiUyRnFxJTJCQWlwTk9mZW5RMzFtajA5UVNvblhrOVYzJTJCVkFySllVN1VEdG1maDVabEUwUFNBNzU4d1dEZnVxVmZTU1VQdGUyRkQ4eWh4M0poUVlyWUtPdGpXeks5N0Joamt3JTNEJTNE
.pubmatic.com/ Name: SPugT
Value: 1652676592

9 Console Messages

Source Level URL
Text
network error URL: http://zdorovia.com.ua/templates/default3/js/media.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: http://zdorovia.com.ua/(Line 850)
Message:
Unrecognized feature: 'web-share'.
network error URL: http://zdorovia.com.ua/uploads/dsn/e0/41/001/do-chogo-snit-sya-yabluka-traktuvannya-snu-za-r-znimi-sonnikam-scho-oznacha-zbirati-abo-gotuvati-sma
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://tags.bluekai.com/site/87734?id=a2c63042-dfd9-4aab-694e-7d71b699d6b5&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2c63042-dfd9-4aab-694e-7d71b699d6b5&reqId=fa7a6c82-85a4-46b4-4841-4689e7df0afe&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=27815369;s.a=3213511;p.a=336160545;a.a=528132699;cache=230036174;
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJiw-mQ9CT_79vVz8K8lvn4&google_cver=1&google_push=AYg5qPIFvpGzc9RV_F8IjTGTA3Mp8WaWyukq4yUvSeylx-aaY-3kJSTG0sBp20lJYpHh2Z4s4HFkr_7tdnaaDvostqbzIG_jZ3gnow
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJiw-mQ9CT_79vVz8K8lvn4&google_cver=1&google_push=AYg5qPJFWT9gXz7gsqzjkOf1L5o1iCVfzu9xWZOV7S57-7ioAdrjv5tL-GSD2OyP2utn0kEqSPpyhZ-egqvd4mHrE5LDHgsXlWoJlg
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.tribalfusion.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.atdmt.com
ad.doubleclick.net
ad.turn.com
ads.betweendigital.com
ads.go2net.com.ua
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.co.uk
adservice.google.com
adx.adform.net
ajax.googleapis.com
ap.lijit.com
aud.pubmatic.com
b1h-apac1.zemanta.com
bbnaut.ibillboard.com
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
c.bigmir.net
c1.adform.net
cdn.admixer.net
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
code.createjs.com
core.iprom.net
counter.yadro.ru
cr.frontend.weborama.fr
creativecdn.com
cs.mobfox.com
cs.yellowblue.io
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.dlx.addthis.com
engine.widespace.com
eus.rubiconproject.com
exchange.buzzoola.com
file.adpartner.pro
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
green.erne.co
gum.criteo.com
i.bigmir.net
i.e-planning.net
i.i.ua
ib.adnxs.com
ic.tynt.com
id.rlcdn.com
idsync.admixer.co.kr
idsync.frontend.weborama.fr
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
js.adscale.de
js.cookieless-data.com
loadeu.exelator.com
m.fg8dgt.com
m.trafmag.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
nashamama.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p4-glvpu23wciors-idpfrs6p3ci7rs7w-259981-i1-v6exp3.v4.metric.gstatic.com
p4-glvpu23wciors-idpfrs6p3ci7rs7w-259981-i2-v6exp3.ds.metric.gstatic.com
p4-glvpu23wciors-idpfrs6p3ci7rs7w-if-v6exp3-v4.metric.gstatic.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
ps.eyeota.net
pubmatic-match.dotomi.com
r.i.ua
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
s.adtelligent.com
s.console.adtarget.com.tr
s.e-planning.net
s.tribalfusion.com
s0.2mdn.net
scripts.go2net.com.ua
secure-assets.rubiconproject.com
secure.adnxs.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.ipredictive.com
sync.lemmatechnologies.com
sync.mathtag.com
sync.richaudience.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.spotim.market
sync.srv.stackadapt.com
sync.teads.tv
sync.tidaltv.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
tracking-a.dsp.m6r.eu
tracking.m6r.eu
trc.taboola.com
u-ams02.e-planning.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
usermatch.krxd.net
vid.vidoomy.com
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagservices.com
www.youtube.com
x.bidswitch.net
zdorovia.com.ua
ad.atdmt.com
googlecm.hit.gemius.pl
103.229.205.242
103.231.98.208
104.111.242.245
104.18.2.81
104.36.113.35
104.92.74.8
108.157.4.112
137.74.6.209
141.94.101.34
142.250.184.226
142.250.185.162
142.250.74.166
146.0.227.107
146.0.227.109
146.59.148.16
15.197.193.217
151.101.129.44
151.101.2.49
159.122.14.34
159.65.197.210
162.55.236.225
168.119.8.212
169.197.150.8
172.217.16.130
172.217.23.99
178.250.0.157
178.250.2.131
178.250.2.151
18.156.0.31
18.157.192.56
18.158.204.100
18.193.50.241
18.198.69.109
18.66.248.90
183.110.238.136
185.184.8.90
185.64.189.110
185.64.190.80
185.86.137.131
185.94.180.126
188.42.196.115
193.200.65.6
193.239.68.97
193.239.71.100
194.213.62.37
194.247.175.19
195.5.165.20
198.47.127.19
198.47.127.20
199.115.119.227
2.20.157.55
2001:678:cb4:bbbb::11
205.234.175.175
212.82.100.182
213.155.156.180
213.19.147.44
216.52.2.30
216.58.212.146
23.108.101.160
23.227.139.243
23.88.75.186
2600:1f13:800:7780:6e08:b1b7:7be2:2f21
2600:1f18:6593:f602:96e:5500:bf36:df5c
2600:9000:206f:8400:f:4f64:8940:93a1
2600:9000:214f:a600:8:48e:53c0:93a1
2606:4700:10::ac43:db6
2606:4700:4400::6812:230b
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:801::2002
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2012
2a00:1450:4001:80f::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2006
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c0a::9c
2a00:1450:4014:80e::2003
2a02:2638:1::13
2a02:2638::3
2a02:26f0:3500:11::215:14cb
2a02:6ea0:c700::10
2a02:fa8:8806:16::1370
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a03:90c0:41:2801::254
2a04:4e42::300
2a05:d018:24:b002:7f8c:c578:a60f:a080
2a05:d018:d29:3601:c13b:f765:4942:677a
2a06:8640:572:0:ec4:7aff:fecf:c440
3.122.214.165
3.122.23.73
3.123.194.120
3.124.13.195
3.248.131.63
3.81.232.90
34.102.253.54
34.111.129.221
34.111.131.239
34.199.172.6
34.248.96.95
34.98.64.218
34.98.67.61
35.186.253.211
35.201.96.126
35.211.141.197
35.211.178.172
35.227.248.159
35.244.174.68
37.157.3.28
37.157.3.29
37.157.6.241
37.252.172.45
37.252.173.22
38.27.122.158
5.161.54.172
5.178.65.245
5.178.65.246
5.178.65.253
51.158.28.83
51.79.83.225
51.89.9.252
52.212.211.89
52.213.127.205
52.215.230.177
52.71.149.243
52.94.222.140
54.157.213.43
54.216.37.155
54.229.167.95
54.246.237.93
54.74.45.231
54.77.57.224
54.87.192.123
62.149.0.36
66.155.71.150
67.202.105.34
69.173.144.138
69.173.144.139
69.173.144.165
69.192.160.219
72.251.241.204
77.123.132.42
77.243.60.138
8.2.110.114
8.2.110.206
8.28.7.84
85.114.159.118
88.212.201.204
91.210.190.92
92.122.147.28
004680039f3b8d3966069e3d70f391d300869b58c2162b9c416b0b9b554e7873
03500eb16793d208283167ad326c6f36e1561c33862750cbe8e2f30fb99e2a0e
0410a3477d628d71c44f55674e1affc0aeaa46c5998b8e0d09f31ff7321ae356
047a93d22cde8811b3a4b171bb1dc74fdcd45474ccf2411b362e8a65c2e2c8a1
04eccec8b6f4a06b3092fdfedbef0fc11ae32db29efed45ddf8abee254d24778
09aa42bd0f212d3a520bde4ea0eda9d79769a183ef49c3cb7fea79cff4a590fc
0b0853387e622dd1fac85a34065405e79d48746886bdcafd942998f0664cd7a7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc2a95d49f4854773ee37f6c1168a9e90d639f81b882b0327f490c291a9cfa3
0e1f8ae81889e837e923d788176d1ffb9a5b8b766a45e699326a8d5b6e9a5686
0f166f7863fa9b7a6b0afe0c1f4c4971d554cae0fe3d2c7e94b79f32a33c3a28
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
1090c2dfa60066448236e51383f97e00308bc61313e840c843e34b3eba31b3f6
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127971f0d7e0ac5bc266c81c7a858e1ecf84e318238f2d36d2aec12dc6b6d211
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
140666625531e941e900caa4637eb21c39c9c812865382ca1ee0ceb764901502
1495e7f83e3901d2eff7595812095e993ff634288ceffc261f4285990d7398a4
149dd6b406978b260d4c59ec9b7a7b816ea104e02f3644becc4e640e7b368f8b
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
15b25322c978807eb0a01f7831091fd4b9add03a28f48236d309b42050a1aeac
1793b0dd0f01ced52eb2062c3f7cae39ffe8684accb6a08b64de9ce9be944a36
17cbb5ff7abf82890eacd6dd6cdfaf4ea2e7f6dcd3dea4082d8cd3b290e251ee
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18c0319043490791623fd03736c9fcdc4524c333e0382b7e6a49afef77522d75
1a6715bf3bc40105127d000e3b0336b0f8ec406acbb39fcf6df9a62191f6c153
1ae751d52b523973ccb8cbae84382703ae466d0dbdd30ba2e14d8b6a330ea354
1bad7fa0d48ce03296d646f87a1e3355336fe122165039d769119b0189db4014
1bbfb7472bb6143e22f0bd5d81e50ccd03981a6a254fc0926ae075b5de2be1f0
1c25aef47c67b97e59beabef6f8710905a2cfa67f9579478ebde8bee5ffb57d3
1dd7796d72b2353ca592f216dca81af1aff9eed564a0c1ed5d7555af6f3bb34d
1e1684520b8ad979cf79d9bcf1c1b699161e6e3785698d2ab91c7c58df799a88
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46
20633ce2674a5b0272d9b4e0b4a037919868fc47b589265b14b8a8fcd5907e83
22659c3fcd56ac434aef6da309a8e15e25fc07d0aaddc446949989709d6f772a
2300f99205a0a4004085fc99b5f13b524c1e56c7ea7dd7a2c3d2d863020fe601
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
234974ef7ff86c2e11dc738796ccf88501649f864fad7d2d30b45f10211cb8c8
2364e3bf74552def676f1c5086eca57ad57ea116854a53d324d59ae503c4c05b
242b3e5dbf9a7e9fcd7707a74cbae93f256e024a7a5146ebe3fb51fc3720d43e
2590c37a8df25d2ec796796a32a393e14a7fa4b5d6edd5529f6c05d4ec0b2692
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2849dd43843f38fa3ca20d4dfb0d6818690ffaf797857f70d46bd0ff0de5d727
28b57208794bcde918cd024b86587f4afc151116c58a16309d667bc4eb59b750
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c8287318ce146c23a8369e98a2f52f222b3f20dc7faa03297c35a51756f8778
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2d51ad1e501159b88be94d248854ab44ad9193fb429f7f6d7e40941c223a6639
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1bfd25d8af65af058c277e6232fab10c1568093283f40afc9ccfb2497a44ab
2e31a837fb8dfe7133c0578a677138a7dc1c4a9f1bfd46cc65da8534e5051f0d
2eaa8ce05bc7278cd36584a51a6272b73c646fff1988d7bf683596be1f0c3069
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
306d5342ca0b82a5881ce148bbd99134d736d0fa462a683e56503801e36fdd93
316e3dc1c04794cf25da0c0373a95b0c87fa59b9d234ac5d17e1710c159e42c6
31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34d691926abe24d70abec9c7a2b98926124f8f74a26ccc79de123e5dc57dc55d
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
36146783665e9d945c68f46e534cc09aa8324ce84119759e7a19fcb969346c42
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3860a12777669e7d743f9ad8e6eb4f02d0653c6168c9acb97bbb5dbc474cc749
3d7c7efab021e9e62bc332cdffc52226ac5bb888cfa76bfde4a3a183159b4bce
3dcd7e67fe77122c0db287fa636be243c77387baa72e074b96414291cf18aeee
3e25b0478e495776aeb31dbca4c92a9bffbad68161f91e261ef88aaf4ea2dd71
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
43fdf1290da9124d761af6831193339d7c2223bd7bc1043352f6b0f8125365eb
45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416
460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
46a61fca4d294fbda28ab31127527ce9650a22b94f6482fa35afffc6b91103a9
489379af8d2781908ca98ee75b7312c2fc91e1b20476ab9ff11fc5bd194c6fd0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4ad0a1d9bb20358be18ad374a563021cb030d5d7ef1d1fb52c05a187340bce6d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bbc35bcf5df4d9269bfd011b3c6565d6d5e7bec9e0b4bba67efd77d09035184
4d2ef2d592f177d6008f995b944cda8c3111800e828e3aedb3919d22ce2e4755
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
518044b9079d6b70b8997035cc0d9b69d8e578f1b2ec43c8cc06e819f58857a1
548e4669812ab53bae5e50eee71c0d6d951b6dd8e5176cb8c08c36ce3dbf37d3
55154c03657d5478aef68ca518d32f31e09699652a527284ddc668112f8271c0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
59fe052fa30275b48b087c29ee1e47022c320d5f4081d8e15015caee0f2a6283
5bdd44d0692f267a0b26e5968e694bbd095511faacb598ce37957d57814490aa
5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3
61bdfd54a6b568d5a806fc9347514ca721b887d02f7458bb3b0a15165e9b2612
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e7399c983153584a83d1fd94b2892cb888bd925d82ed60de11825dc2ec198f
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
63193babfd752ab8554e09654315b13ec81638169aa3e6104ff888f0827f69c5
6337835d6b5bf7f137ef7e02350b65ddfbd4d121041a08bf4867685cd7c9b098
641f868e8046a0df91150d538385b89a10efcd41c7da0a8ae180d68f725ab8b1
647e173570984b1d83e27313956e816fd7daab276dcf384556dd07d6c5703af4
649bf2fa6b9acd1dc49fd17d2a955a8cd7cbada26a3957e8410cb7a49062cab2
64a30eed5ef4a2b99ad87961c11feea289400aa8c202c40276b9c1c778d73c70
673ab1cd1a3fd4e4223496a8d665c2000951d1f7a310309200a3fb0dc390bd35
67b5149e118833c325f62559db1efb40d9047c5f6ea3e8e12685e28a2545f717
67e4f002abcccebec787abb5fb295dd0067bb752111db2b08e91e84d906681e4
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6a3e403bda6464ec955bea8a50a533c4531751f6769fdc2b46b9e838fef46920
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cacd1d34792e933e99d66cae3212cad51f0f34f4b9dfe97884d5e539d685cb0
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58
71a5c0febababb55318f7f8273866aa2a7a2bb41f48ef829684a6a9d9d6418ca
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
74d8c9fba3a47b3438f4986caeabfdb83e5b2d53a8a43366d5c02793ed6ed503
762235323102edf25e0ebfbb06a585e86c808a5830b3f7c62173cc796e00210f
76a7f8fcc5d46bf01d787daa908b436f1a68f947354700ccdc77e36fa7055de4
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
774e73bd7ed225d5533e535bac610176dd168bb7bf5417ff3066e71d8f430b22
8066520d4f9a10b94ecaab59ccd265803acf8a1c1d1de3769ab889e95a77dd4f
80e89f1ab0cf9c5d8f147cd072e62035be77e6ec20fcced3da878fd137333e8c
8154aa9057e3367d9d3e4bb1f85db9645c01fc0690091aadc57dbae849ba3499
82771e4d6525355863d5aaca06c8b9733b54be3d18a9e1cbcab4a19df0a6d9ad
8291e39ab10fb0447c378a69ba1ec69dd5c443a1249d1c6e2f4ef4ec53fef8ec
82b43040409e057bca1bae4ae9d39a73b1fa43fbbd5f907f05142c27bda89e10
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8460aaf36b73e229c6b0fcaf7bac791e23c3145e87de6a04d0d91541e39289b6
850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e
871d2e9a8bfaee60673c0da8eb46c1f4ad050a016dd6bdb2e8e1a60a56657d8c
87ec99b45eeab3f28e9e918a5248bbc8b3e14d0d726a34b35bc44ac69232725b
8a08cb864af8c4a6ef3e24802901f7874e0c114c820c1c18bc09abeab75f6fe6
8a83467c416681c2c757a9bb57df244629dbd95497a4f24ec3f713ba389cb616
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8af7879cf41c6f0f83b11522fec6d3b641de4911427b895ab14b9100a55d0e2b
8b2ab6a7fe3ae86fb84fb7cebcf072592cef358bb73db32fdf2acc0758d63539
8bf44662cb0c4b1cf318ef2ab43c8c598de23ca4c18fc16c0f1d3a94e3d1869e
8d0351181325bff073fa94bff8b6f3b330d41f1a9aa25fc29480fa685318e577
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
9209e7afb1726d2ea4ca89aac5410756fb80fc2318bd233ffa48a9ef9921fb97
9250a3c3d3277937e35b82dc600ff12273d0e713f77d3a30361836c649e27828
953cdb0d7a2926fd3a92bec349cbfcc6a13d78e9f8c0a35042bab48fbdf7ea58
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
97347f37f21d141b84ff3a9e3f659fc1bbfe3bc66104c4efea4bd49a61423c26
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98cf4363335cf3a6bffdd5f44ba7f6ec0b463f6d5dcab5906512e87f2782d944
98d456b12b8a6c3e1fcd81c680cefefbb38eaeec25d85a31757ac2417b2ff2e2
99507b31a0efe2b33d28b8eefe8aab9c7a38fb3a22ac8bd5a6732b515ed72c37
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a0de96edd269b462677718d11e8f5f9548eb683ae07234e891e8e03ba1aeadd
9a1cb135934c288fb2fc9e3245ea72887565593265e6a603e9c2f78d0f1b6403
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bb6da85068d70193dd6af030824d7f2ce75955c929ce1c46b4a2afe30961f31
9cbbc8d6a02b1cdfcb290a83714f282e1d965071a900ee0ef5c693d436e7db12
9ddc95507676c16045fd509f101f5dfe5e57b1c28a5b55cebe9b857deb7f7d49
9f2e24b95c962fffb41eede228d0c5c7681cf9bc3dd3ece2440412ec4246d84e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a653655a55b4a67650d3a6922fa70779b80bf7cdfb43e0c274a61ebbdd09ed
a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2725c90a857b1d2093a78ece9e427077d87502a492a8ba40f8a498db4305754
a29306e7be8b3e743bf8a8431491142e215bf9bb31a004b13f591a4e1c9acc06
a3a815c91ebca454c2d4f67fee2bc7f95b770c7537d7214850d6f0e0661e5113
a43c8c4b6be5be943caaff32ba3185a5bf2bd0a06ef0197d953e34cf7dde4270
a46e02aed78b4773f4039ad8807da53fed0c2384a53b5e2afe6ad6ada85d4336
a4981d5bde9e219461b01ae95ec2b80d9ba97ff82c745976a36face309839db2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5a4d7ec31e1eafeba8c3ab6589cf8b8b2b624b4c1afb7a62428aff04ada249e
a9998ad26ea95018186b0fd859ffaad20857ed7c7b93ee4395b261e6e07ef91b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa1c905ddd7bd4e078fd6b3cc2241b3a8d05c37f0b68f473d6e6b613520c0ca9
aa2e6d7260e270393b7b3f3426f0c8217e6eda69d9fbe7bfaf07de071cfc024f
accec248141e0b60f1b72b2d2b4d4ce1e1298311b92ea21b834bc9cf0ca56e7a
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09
ad244a6483c52bf77ab783f6e009da7a1af287a04d572600cf65176a3c4f9c1b
ad28b4ae5e5197a789d8e214a1f8d0a9a8ea334ed25924a8593a0c5cbefb56d2
adb80be09a54261bf77bd2bc39fca4ff8cca4fe1c100513d76b02ba0befef3b0
ae772b33c3c7f09550c4bafa8ee21580a90882ca998cbdbf9844a8b1ebf3f8f9
aeaaad610062091d2df0f1430457f09e7fb36188e40aaebd1ef5ff78676d38aa
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b225a72c3c0f0ce054225cf8748508f69d7315568bb5aacb38491e006a4372d5
b238ff3fb792b2efa823989c3273b89670a87da10632d6be9c81c43206f86fdf
b30af8b3634fafdaa43577e8bf5d29485818d18cb22a4fd2a0ab08f9c8ed325e
b3d07383eaafa1a28161e0d58a2cce46a6adb2836603eea46f3676b54cc0cd49
b4117191090235c6145243855cfe3f96c8caf7b90ee6fdf6626db7e7ba9c1253
b436e01745b37e08917465602243858f27f0043ca593413a65641237242a9a31
b45c62c7ea907efdd19b2ba950d0a8f261a514e34195a1e3b547ba8876b83862
b56c21f94c846431e5d7471a8be28840608cfdb35658a50e292fb8a685e6dbcf
b70c6c2ed793b5c4a9e9a7d543b489f810cfbcfba4fa326fc5730d2291fc5e38
b730cad1e622883f4d15bd86803a3907d06b79d0cbfa7222ba98e2011c64d365
b814ad3a98c733d0de0bbc33afe08d7127ebfd786aab163ca7cbe3a2af8877cf
b885e4187760e6e4cf682cc80424625e16327efb8d2274929077d8acf3007cc9
bb56899b55f642bb02aae32457bd6f1eef1a51579329276fc6f51f675f3263f5
bbed499affbabd0bf18a7ba8a3ddcc321b0d5c1e3ce7f59405215cce117680ee
bbeffc2e9a2ff97b0eea3da7f6448661de8a30326d8c6f24263e2efbf5126913
bd75cc24e817f1502c8ae8234a0af98f056efe5d8bea0b6d306f6205d512d65a
bd9063283366a0cfec62ccc561902b293f53a490fd8a69eca7c3dab5c0f02a34
be5274049f5af28679c254ca8bc1dd93e401ec8d76ae0d6b37732f0fa7ef10b1
be82debc01c1984ca157692269aa6cedb43f94057eaf57950cb300c0d54bb52a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c249b56ac7511cd1537e1834591081d1db83a4e102e11d4ecb08d7390442729b
c3fa35edd693685d78f7827dd1f8960cf22dbac1edbcc103d07d99bd44312df0
c402e09ab2026afa74c8105b97c2d2ba657bbe0da64933f03e4696af00136a0e
c44e7c9d91d2218825207d7854aa4b8d29eebd6205fcaf2d63c516ca0154dee2
c5b1438769279c2aed720f1c01d3ff77c1850247a1b8813f87e46098216cde73
c62bc6a1f6c81f1c352072a264e959b0fdccacf9843b5a818b62dbe7128476f5
c82fab08e93db8934a27f5b26ddf48c8a013a92a21ea15b7fa8b675b0d866040
c92dd9af85b5d7ede49e7d6027c6c26a66063f92fad86e933c66aea85525d902
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a
ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3
cab35dfcb0e0127899b61cfb6df53325a6b63bbd3aec99d7ed68fdfe26b750c3
cb1aae9297730534cfb42db742a24c9ba18e1ad1cc5275037d0f1d5386d1f7d0
cb456fc6973f7f43835192e0502b08aa19971ea6631c8d8ac37618b50770b3a4
cc5bf93fdd985bb9a478acbb44d27662d0db8df9db04cdcb5e09db5a4c70d1e5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa94fb21ab7162bdb39d58a809cd0c475aa21fb87384e82c94076e3de7c8b5d
cff27eb300eb2d10c0f724374f9789b12d0d19606dd56b8a1018f138fe3bfcbe
d05fbc0f479ae73c70d5511147de55109d4f99a9c82c50f6f0e5b62fb1ee0537
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d144cefb4a890e78b34230fd4c92ce912f7d649249f119bf6dce42fa317b293a
d4835c42ac9bc594b5c9ae153cf67918d767358e1864dc08d005a0b60a79142a
d485c4dc543229efe5d97016e8b0efec6824111dbc9aca88d586ece94fa7ab11
d57b72eab46863e9c71c04589510c2e4b8e68d928f054421bddc11b8a0102a02
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
db6d0497d19aa23a7ae2832cf6672c4a10ab3ba26eadfe4e36cf2b4574d5ad31
dccaeb8aa4f4c779e6d9f2b0d51445b928b8f3d5275f673ea8f9559348dbe612
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e2cbfcacc9d5d0f8871ee8f217873a4dc579c80403940429af11fbe2ec021b12
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3954618eaf3c50eca983f021cf9069ab004e312c1f530b184d69ce6a5fc82e3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4a2771df2b950104733588afdd7be441b2285c6ee7638fd32087dfed085799e
e4da30586f1fabdc4aef38b03ccf8b7f07bbabd08095b4efb72dc5b2536da954
e50089e2ce91a46e79dc98f2a49007b815d7555381be0b777197ef873be7d2bd
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e58dd6001ec35b05f71949fda9688eaf3a6a9e01a60f07b7bc99dd030485735c
e6262a1e821ff92a4f9ef1561d4e14b5b0c91a53b38c3a199c04f9dad30af3d9
e63e2b040841c4ea072961cdb4a62a2f9307c2b766d3fd285155002ad8a73370
e760cc70aa82d03ecbb3f7c1a228e2229dbaa94b232c230fcaee2ae2b4aa7e8a
e77074927673ee280742cc1fe5b0dcc1573c46a62cba02241540e3c9306ead1f
e85a47c1cca62f5e43ca3bba6afa8b36710e13f23f0f329cc8c5fc8e825d1ca5
eb49762bac0f22b332fc93eb47e3e4799e052b05f07073b8be9f1616baf75162
eb99052048ae65337db0cf788e5025531eff105966ee7b83c7f3bf179e0ef827
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec699adbd5b88855392bde9c53ffaa03e051eb1642451fc38aa626c8d37546ce
ee27b610c1404830efdd96be58f05a47d80cb497b9e36246eec83b8b59c503ba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3a1b1e39dc4a23363fdf2c25649188244e8ead9f8b0e3159a278be86dcda45
f0c3b6b68bdf01fbacabb2e27fb33506eb77ca21a9313a73b854ab302d967499
f0caa9d92eaf74f0d6486888d5dffce099f088c30f6e5a567e3d58ef88e3c41a
f0fe0dabaf5e69e88b98234e97cdd6b5dd26560b787c051167a3e9eddfbc284c
f12c6133a12eead81c368fe146cb489bdb7331b5e3b5ceb9ea52eac1e3feb815
f313e3fdd6a9d7b8807a75554708d5e9544b94e8d89bd0445d3ddbda6ca72c08
f3fd7fddbd3e2d6874066aeafb2dfae937924a6bc39a8c3d80d993dcd290e0d2
f470890abb6f3f3a73f8137cfefe750e432fb04462995192c7388ea1c7e4fe8b
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
fa2cd6f1dc1815d3360bded1a8852769bafa9af71a950442881a7ea60ccc50a1
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fdb736764b48613a841948cd49bbd20c0f8cae7ce14433cb382de518f0af9e62
fe4acd4879f7b0ba454b516714141a530961c843fd84dbe44311314e78cda592
fec2bec90ae85dfa2cf9709cfeda07d619feb599dcadd7de5da610b81d225511