urlscan.io logo urlscan.io
SecurityTrails logo

ihealth.in.ua Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ihealth.in.ua/
Effective URL: https://ihealth.in.ua/
Submission: On August 13 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 42 IPs in 7 countries across 40 domains to perform 256 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is ihealth.in.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 13th 2022. Valid for: a year.
This is the only time ihealth.in.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 10 2a02:6b8::1:119 208722 (GLOBAL_DC)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:1::2 44788 (ASN-CRITE...)
2 2a02:2638:1::4 44788 (ASN-CRITE...)
14 2a02:2638::3 44788 (ASN-CRITE...)
2 178.250.2.148 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
13 178.250.0.139 44788 (ASN-CRITE...)
4 178.250.2.150 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
4 2600:1901:0:7... 15169 (GOOGLE)
56 2606:4700:20:... 13335 (CLOUDFLAR...)
3 4 2620:116:800d... 16509 (AMAZON-02)
2 2 18.195.201.66 16509 (AMAZON-02)
19 142.250.185.66 15169 (GOOGLE)
2 35.244.174.68 15169 (GOOGLE)
4 4 104.111.215.191 16625 (AKAMAI-AS)
3 185.64.190.78 62713 (AS-PUBMATIC)
5 5 104.18.19.126 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
2 34.98.67.61 15169 (GOOGLE)
3 35.227.252.103 15169 (GOOGLE)
3 3 69.173.144.139 26667 (RUBICONPR...)
4 7 104.96.132.42 16625 (AKAMAI-AS)
2 148.251.139.77 24940 (HETZNER-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 4 84.200.5.215 44066 (DE-FIRSTC...)
1 46.4.41.145 24940 (HETZNER-AS)
1 78.46.85.162 24940 (HETZNER-AS)
2 2 142.250.185.134 15169 (GOOGLE)
6 18.133.111.12 16509 (AMAZON-02)
3 18.66.97.96 16509 (AMAZON-02)
2 18.66.139.104 16509 (AMAZON-02)
8 3.8.108.133 ()
256 42
8    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
ihealth.in.ua
4    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
14    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
10    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
6    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
16    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
20    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
2    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
14    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
13    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
4    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
3    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2600:9000:223c:c400:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
4    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
56    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
4    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    18.195.201.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-201-66.eu-central-1.compute.amazonaws.com
d.agkn.com
19    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
4    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
5    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
3    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
3    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
7    104.96.132.42 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-132-42.deploy.static.akamaitechnologies.com
www.awin1.com
www.zenaps.com
2    148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de
banner.congstar.de
1    2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
4    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    46.4.41.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads2.sunbonet.de
partner.o2online.de
1    78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de
partner.blau.de
2    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
ad.doubleclick.net
6    18.133.111.12 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-111-12.eu-west-2.compute.amazonaws.com
track.webgains.com
3    18.66.97.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-96.fra56.r.cloudfront.net
analytics.webgains.io
2    18.66.139.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-104.fra60.r.cloudfront.net
cdn.track.production.webgains.team
8    3.8.108.133 (None, )

ASN- ()
api.webgains.io
Apex Domain
Subdomains		 Transfer
56 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 22303
ad4m.at — Cisco Umbrella Rank: 2303
assets.ad4m.at — Cisco Umbrella Rank: 34366
2 MB
36 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
ad.doubleclick.net — Cisco Umbrella Rank: 214
124 KB
34 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 124
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
363 KB
31 criteo.net
static.criteo.net — Cisco Umbrella Rank: 627
pix.eu.criteo.net — Cisco Umbrella Rank: 7159
csm.eu.criteo.net — Cisco Umbrella Rank: 7456
104 KB
11 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 18601
api.webgains.io
155 KB
9 gstatic.com
fonts.gstatic.com
www.gstatic.com
154 KB
8 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 110895
static-de.ad4mat.net — Cisco Umbrella Rank: 152918
16 KB
8 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 10493
2 KB
8 ihealth.in.ua
ihealth.in.ua
91 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 187
302 KB
6 webgains.com
track.webgains.com — Cisco Umbrella Rank: 41780
58 KB
6 awin1.com
www.awin1.com — Cisco Umbrella Rank: 14571
4 KB
6 criteo.com
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11084
ads.eu.criteo.com — Cisco Umbrella Rank: 7034
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9488
102 KB
5 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 453
5 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 98
www.google.com — Cisco Umbrella Rank: 10
1 KB
4 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1751
3 KB
4 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1083
1 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
3 KB
3 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 326
1 KB
3 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1516
620 B
3 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 636
248 B
2 webgains.team
cdn.track.production.webgains.team
91 KB
2 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 54650
580 B
2 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 53836
370 B
2 congstar.de
banner.congstar.de — Cisco Umbrella Rank: 74614
1 KB
2 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 925
462 B
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 611
107 B
2 agkn.com
d.agkn.com — Cisco Umbrella Rank: 568
1 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8117
914 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3617
71 KB
1 blau.de
partner.blau.de — Cisco Umbrella Rank: 64395
1 KB
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 65187
1 KB
1 conrad.de
www.conrad.de — Cisco Umbrella Rank: 46722
729 B
1 zenaps.com
www.zenaps.com — Cisco Umbrella Rank: 18179
697 B
1 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1464
688 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
5 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 862
645 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
41 KB
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
256 40
Domain Requested by
24 assets.ad4m.at as.ad4m.at
20 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
19 cm.g.doubleclick.net googleads.g.doubleclick.net
ihealth.in.ua
16 ad4m.at as.ad4m.at
ad4m.at
16 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
15 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
ihealth.in.ua
14 static.criteo.net ads.eu.criteo.com
14 pagead2.googlesyndication.com ihealth.in.ua
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
13 pix.eu.criteo.net ads.eu.criteo.com
8 api.webgains.io analytics.webgains.io
8 mc.yandex.com 2 redirects ihealth.in.ua
mc.yandex.ru
8 ihealth.in.ua 1 redirects ihealth.in.ua
7 www.googletagservices.com googleads.g.doubleclick.net
6 track.webgains.com as.ad4m.at
6 www.awin1.com 3 redirects as.ad4m.at
6 fonts.gstatic.com fonts.googleapis.com
5 ssum-sec.casalemedia.com 5 redirects
4 static-de.ad4mat.net as.ad4m.at
4 e.dlx.addthis.com 4 redirects
4 cms.quantserve.com 3 redirects googleads.g.doubleclick.net
4 prod-rtb.ad4mat.net ihealth.in.ua
4 csm.eu.criteo.net ads.eu.criteo.com
4 fonts.googleapis.com ihealth.in.ua
cdnjs.cloudflare.com
googleads.g.doubleclick.net
3 analytics.webgains.io track.webgains.com
3 pixel.rubiconproject.com 3 redirects
3 rtb.openx.net googleads.g.doubleclick.net
3 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
3 image6.pubmatic.com googleads.g.doubleclick.net
3 www.gstatic.com googleads.g.doubleclick.net
2 cdn.track.production.webgains.team as.ad4m.at
2 ad.doubleclick.net 2 redirects
2 www.lead-alliance.net 2 redirects
2 www.telefonica-partner.de 2 redirects
2 banner.congstar.de as.ad4m.at
2 odr.mookie1.com googleads.g.doubleclick.net
2 id.rlcdn.com googleads.g.doubleclick.net
2 d.agkn.com 2 redirects
2 cat.nl.eu.criteo.com ads.eu.criteo.com
2 ads.eu.criteo.com googleads.g.doubleclick.net
2 rtb.nl.eu.criteo.com googleads.g.doubleclick.net
ihealth.in.ua
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 mc.yandex.ru 1 redirects ihealth.in.ua
1 partner.blau.de as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 www.conrad.de as.ad4m.at
1 www.zenaps.com 1 redirects
1 secure-gl.imrworldwide.com ads.eu.criteo.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com ihealth.in.ua
0 googlecm.hit.gemius.pl Failed googleads.g.doubleclick.net
256 53

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-13 -
2023-04-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-05-21 -
2022-10-31		 5 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-02 -
2022-11-01		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-03 -
2022-11-05		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-12 -
2022-09-12		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-06-18 -
2022-09-16		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
www.awin1.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-18 -
2023-04-19		 a year crt.sh
*.webgains.com
Amazon		 2022-06-14 -
2023-07-13		 a year crt.sh
*.webgains.io
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
cdn.track.production.webgains.team
Amazon		 2022-08-08 -
2023-09-06		 a year crt.sh

This page contains 36 frames:

Primary Page: https://ihealth.in.ua/
Frame ID: 868BF7B09E5FBF97D5535C68EF768488
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20190131/zrt_lookup.html
Frame ID: AC83FD1E960475321FFD9C55933C74C6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&adk=1812271804&adf=3025194257&lmt=1660364402&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fihealth.in.ua%2F&ea=0&pra=5&wgl=1&easpf=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=300&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364402256&bpp=7&bdt=541&idt=319&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7483991097825&frm=20&pv=2&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=334
Frame ID: FB1DCA01674003B57E9F2B38714457AA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.707746843~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660364402&rafmt=1&to=qs&pwprc=6907635123&psa=0&format=1200x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364402263&bpp=3&bdt=549&idt=332&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oGteQKTL49&p=https%3A//ihealth.in.ua&dtd=336
Frame ID: 59B5607CB6DADF2786E6B78AD5CF9E27
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALc2YKd5gUAAKUVQdekb-anMt0hqh8uA&u=%7CBcUvdQ6mckh8fiw%2BukfhNcoCgakAkpZ%2FdduGjNiXo%2Bs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVJWU8AYvH1R5yy17KXfHzsKAteVvS0JhIzCOGcQvZdnvCUW7XdoWT7KRiB8o5Z-Fanxoz_V4U67qKtKX0Xmxk2sJDq2LMcgmg1KbEE6ReCQeuKcBXVby6TIHqFpkxfZTQB_rTDVHXbUiGXf80lUfwUydP9Y1y_3Rljwwz687pj6K3eeXJYa_4d1NsUd-2xYxv5cWiHGmuLucBB8IooisG2dLg47awoaKoci6Z1iwmUAKAUZdaUCmtTNqurL9bhgz0hfC7jK6qDvFpAt94F0JSMzXRGd2KuFiH3zZYuAVGQaThERnT8LpXP9_gjX-v8Q0RuZL6QN_vaPk6SL3pWwGTp4A85wDaMWPT4OtP76xB0NbO89gKDuId_GnDe8YCI8JGwjnZeDDkabrv9K1MaKCQXG&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcQL-cib3YubmLZSw3gPVqIrAB8me0rFczfHi3YgBwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgS7AU_QEdG8rmChitNYZerP6krUmo9s4B8EZiJ_QsrufOTTJYL3ry0bn--hboe3h3vYfiwedLo_xT927o_Oc-FpK91XBuP85UJw1vVbuLZ2vVDot06lEiRE2kMMgbfP5pB5RLUSwFtKZUVB2_Ur5BeeAxacJCj_QTxCD2WvupXBJY__A_C4_ZKKuF-jXq3DWiFD1xauMkYUmrJ9mi1TG9l8Hyy5lwIpe0kISJEUWu_Lrse0p5JYL2svAnQXL8-ABrn6je7ojPjawwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_193-GEdKigoHUGZE8H24Rj_SHCDA%26client%3Dca-pub-2773044261387404%26adurl%3D
Frame ID: A7E80B7F4CA0E0ADF847CE883296FB71
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3040495612&pi=t.aa~a.3614320767~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=2&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=1538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RaIwdriJlj&p=https%3A//ihealth.in.ua&dtd=41
Frame ID: 7B7CDAC3A92A75CF6C203C8AE0887B3E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3063602964&pi=t.aa~a.3614318550~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280&nras=4&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Nr8Rqbpt4v&p=https%3A//ihealth.in.ua&dtd=46
Frame ID: B929C07EE8BF208C34C5C535451BC7A3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=2890494635&pi=t.aa~a.3614337803~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1842&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280&nras=5&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nquy9mWzcT&p=https%3A//ihealth.in.ua&dtd=51
Frame ID: 746615CDBD3AF3DD94B8622AA2D41F72
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=1987554437&pi=t.aa~a.885858492~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=1&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280%2C362x280&nras=6&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=3636&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uwS3Uas8FP&p=https%3A//ihealth.in.ua&dtd=55
Frame ID: F74FB2649BBE18EF1C413645BBDD6463
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8E88B120311976407038B2B18AA1F0D1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Frame ID: 07ECAF39187D5B59F1E13B58F0CC957A
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALZscKd-8XAAZ3bGEnAvB0Hl-FYNPugw&u=%7CBcUvdQ6mcki6glVu19E16Cjw40NNTzvQDAy3360aHgw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRoSRGLELBQED9WGHkdfKXQj5cUqetjeJb7JfhZstsH_b8bS4eiXOAqsmNiJCf8NnL3fJyw467QR4QWjCaVi0RClOP7IdDASgGhU4z8p25gNQN37bLbML3BF7n7P_BFtxGcnxhVpbsmnfizS5C9BdRpXpO_kAKiapPEc7f0rd9mi9nH2dB_qPsQ2x2jV7aUIsTyYqjUioO0LqFFHQyVlAZWBB3sr5fe9ixhX3hkYRMsyaYzttKSAhtjztZSjdo5hJYyVthVGKFTMDkOeBLupnKajjHBdFLdaYUgpC3GeGmhQ_a336ZsnmzY30I2tGunNYZDeeRioGdC6IHd6ah6-XUkooBDO4_WCoaFrhUhmjXnmH3xDDtrCHnZnXAtcb48IfRixYVmWxKbDcOOdwn32WmE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNlyKcib3YsfNLZfe3wPs7pmYB8me0rFcpfyT93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNzczMDQ0MjYxMzg3NDA0oAHVttLqA8gBCakCsYCKU3M2sT6oAwGqBLsBT9DR4qKmWjgI6NzKSQbOSOu4bOwJDqPs6_KxI7Is9g2oXDGTw_UMyg9dRR6T8qHxMtqz4uiEtlEptAC1SlLeOSV66svOthtjWVtDKPhvQFMlB7-0iUPvXbzOI-H7s7FcRpvPeKyvp3sPZig1XoZBZWz0AjJWUhKzbWvc44WgRW83mNsgYZqN2BO0fEVqNrKBrPAVEnVMTbxQo0YPIUiO9yOTHzM-_f_niBGP_H6fckTUDgGKOUookWBQXYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Bekwl7L1fAAtQgN0fM6e825zZEA%26client%3Dca-pub-2773044261387404%26adurl%3D
Frame ID: 0C1E24045A36A2A6D949A3119204E0B1
Requests: 20 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 8FCAFB28433BF3EACD4DBE49CB78A10D
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js
Frame ID: 925E83B02F6B36B1F8D87B74A2D2ABA8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CvoLBcyb3Yp29J6OKjuwP9-ebyAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEvQFP0FOku-TUHK3DX2YEm8-mx9qTmrtiFfWDTG8N_A71oCbsJsAovoiIx6zRQyM43b1-sLAJDh2imEbNKoh9HfH1DanrqD6LD2aSb-m-qhyt33jDDtIFH6LqJc-yTKCdWXFiTT2y5Sgcu5EWx2w7KDSsJ047cia5mHTlvUM8BiHz4zaUqhv-465msZXlyKeYkmZkD90W6Wunhc0m0dpAliy_dR511_8kNwXqbHFNR_heDgDf2wfT5NZHn0fSJReABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI3NzMwNDQyNjEzODc0MDQYAA&sigh=NX4C4cZrJCQ&uach_m=[UACH]&cid=CAQSOwCsnQUxO6M1VeI_QoY-HtEH5RbzhaKj-cWXcr7FXpdXpB_zf-di_r-Wnx3yLdwZ1J8iWoWdwkn_N_IzGAE
Frame ID: 2F357FC893F2AD44A5360C6A236C8D96
Requests: 6 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jv6n0qndexe282pne0gh813f5a3jh58nh7k3gjj6ypdvh4rddd34xhhnbqpawnf1wqtm1sqrxnkybnbcnwxc4btpnhwwcb8ee9vc2f5r6twhvf69et97c2b81cfqacpk33509r5wjzrwm6sj69jw7763jpvwsrn4rs87nfqzs133p1kt8nyrd5ztvh00ztpest1ejngceshm1ccfy0peqtm6j27eenjt3xk2gepagp3hfgse16cz0f7zx509nb1xpwrd423st9ggzbwbdm0y5gtcam0ardxsnq2s8eqdmcj00w9879jszzwz63q7af6m4qc4326jnnvqw25jm341kabxph2wc50zz9g8aq2b5kz3fw985k80xhrh2r2qy9tenj2jfpt4411pw3drpwv2cn897g5fn3gj4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG-k4cyb3Yp29J6OKjuwP9-ebyAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0FOku-TUHK3DX2YEm8-mx9qTmrtiFfWDTG8N_A71oCbsJsAovoiIx6zRQyM43b1-sLAJDh2imEbNKoh9HfH1DanrqD6LD2aSb-m-qhyt33jDDtIFH6LqJc-yTKCdWXFiTT2y5Sgcu5EWx2w7KDSsJ047cia5mHTlvUM8BiHz4zaUqhv-465msZXlyKeYkmZkD90W6Wunx88HQw25EWx38lbjDba2xTz-ZtxHaeCDjsKWSf9H-vpfSptNZd-TXQuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3O-4FTl0vnkTOD2rn2ka0NOVrIVg%26client%3Dca-pub-2773044261387404%26adurl%3D
Frame ID: 898242FCDA1C3B62D43799FB24D04179
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3BE5A800ED74DC434B9D64521EEB2B29
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CVMgAcyb3YoeOKMWl3gO5t5-ID5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgS9AU_QTiRcG5aWCmZeLTn5reNp6JJhP1k5a3JG50PAEM0Xu1qY4HQi4wdGmxx3k3mBPFGg8JamTb5MZA8bT4MMcVSRkg5qOPDsumsyuXj8056-wwaKK40cPjlmh_6czoHS99m1U3tHpMz_wy7MI2iogwG_1pehzVVc-9q0XKGYi5AGcLiRKWPDRTpzO9aFM6s09Mokn4jKyNtbGV8Ei8Dd1DzPaoo7_yiYzi_DjWco2pTcGVVr54e1ArWD1nhch4AG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjc3MzA0NDI2MTM4NzQwNBgA&sigh=xClDTx8WJTA&uach_m=[UACH]&cid=CAQSOwCsnQUxZElYd6PP1yX4Mb-BINHWvlk2yBSREN0k7_liQyeeSPTqq0E4qyaZhq69OUDhOhvyokiBJ5vDGAE
Frame ID: 339E3F1D57BF35C6FAC4A63DF181AAAD
Requests: 6 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jq9y2x0xghxny77pv9ta3vg5w8nx501md4rtgbmvwx9nvmrne7cgt3qmv914r3ygw1vgbd6mznfzmybq2rqe1216tzp0fck2e9mer3cj7bj07m4756reg33bz5fya39nvt32fda0thktfzqc8ybz2x0269t5bq6ncpc4esth4y5jgvzqswtzqz8fk421z6yrfsphxqq3sh0z3jf4brte1pat6g4p9ms2yzghs7csaxpx50eaxnn268skdfjw6axcetkbn4by44d15858s0n965q26pt8b7h39p1c0ehkfa6t8vfbcxhvv8bcnmtx5v1jcty5gcfpdcwp3dkzgrz1xbd2c51750m2s4gzczjk0cfwa8x2vy4b3fg3b89jpcd4fw667br4mpq6m0w747g5fcpcwq7nh0dqg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQOn3cyb3YoeOKMWl3gO5t5-ID5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_QTiRcG5aWCmZeLTn5reNp6JJhP1k5a3JG50PAEM0Xu1qY4HQi4wdGmxx3k3mBPFGg8JamTb5MZA8bT4MMcVSRkg5qOPDsumsyuXj8056-wwaKK40cPjlmh_6czoHS99m1U3tHpMz_wy7MI2iogwG_1pehzVVc-9q0XKGYi5AGcLiRKWPDRTpzO9aFM6s09Mokn4jKyNsZG36WXDlalPRIIhzhtrpq9zvJIG0Gwklc2xz5HxOrLq1WCuccT-ewZ4AG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1qbMbNjdSXGAnlmCmoE15LKyMHHQ%26client%3Dca-pub-2773044261387404%26adurl%3D
Frame ID: 7344EA2D031C7E91CA1198806E3763FD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1554215963C6D6517D0B336D755ADD42
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cfesmcyb3YuusKJfa3gOWjKXwCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgS9AU_Qg3M8FIXIe-jBAZ4ZF_RLz-9WOyAW49Y5SOn3PJZkc9HY21I_NYuZuKvn7NmCVskR8svChSfCNNxdy_cdyUr2IbWXLwSz6z2kGZsDOV-GUfMFgucz9VIk-gwHfAF0Osy0OKgH-Gd7Aeo7r0IZSAQhFaHLB3ArDpE0j5eHKYK6QzBDO42YwUovtbqHFTCosGeLSsvFkPylvQdAbSWWOph_dO6-aJVQDa-bfJ5wpwqiXRnQeqPrhQY4mCFxkoAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjc3MzA0NDI2MTM4NzQwNBgA&sigh=6FzPXWVJ2hw&uach_m=[UACH]&cid=CAQSOwCsnQUx0eKP6Jl7qhIJ1OqcxClIwNS9nP1sY4jsMBmMZR5wBz4XlOnR3BmAJbWNFfPAebNCQzhtgA37GAE
Frame ID: FCEC57BFC711E8111DA03CB3E42B227E
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hptejf610a8tg8v6pm4vd9a2ft93s3emekxkhbmfhwkd0zb2z18x99r7h2ywq5tarhea5askgmtf5xk07683chwx43rwbkxf3qx6njr8e8re5ygw92sddveg3kq0yjs4jcbvv3khkt0v8qv5yf8f2z6xck5x0zmztp24cw7xzrdn5njgev6qzxp2pfmwz4te9rv40df9pfxf53s66nbf5afh6h1x4jaypf3d89kjr0dys2x7ddz89m7d4fsms3h3r25mfj0hghqhx7gq1kmdvvfm0mktfpfynnhfz3xhtqzkd67g9cmnz8h7wc1nffgabgdywy00b6n7vjj9bdwh178d76gqqdp02pnv4z69q8g7r4e3s8mvygtdqtpzkerant9xspdwea2fntr2mpbk4wd9tevcrknfc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC--lucyb3YuusKJfa3gOWjKXwCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_Qg3M8FIXIe-jBAZ4ZF_RLz-9WOyAW49Y5SOn3PJZkc9HY21I_NYuZuKvn7NmCVskR8svChSfCNNxdy_cdyUr2IbWXLwSz6z2kGZsDOV-GUfMFgucz9VIk-gwHfAF0Osy0OKgH-Gd7Aeo7r0IZSAQhFaHLB3ArDpE0j5eHKYK6QzBDO42YwUovtbqHFTCosGeLSsvFkPznvybSutwRelD4PHhkIQeiNLuR0ZRev9cin1BCgjf1qR7tRL4xWmhjCoAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_24rAaB-J2xV0z1gSFz4aVDzT7r0Q%26client%3Dca-pub-2773044261387404%26adurl%3D
Frame ID: E4917654280B1EEABAE81297F29C44BE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 63BD3A043C7B7D98D5BC2994454B6341
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CIXp0cyb3YuuLKLmRjuwPqPOgoAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEvQFP0EM3be5GUjP9xQ9Ki-PCmDYnC2ZCOTVUyRPas_4yW1fCkNGPHkIKCHbAB_7DaylTzI4C6rcuaSJcOwbosEOh-q-2M4adb4hiG3Jn9qt4sw1-syoTKZZYWSww5lX_B215Gug0dy2TfZvcmew5ztVIBZbAzyy_htkmZ5cxfAIRmQVM8vw33EZZnDVOVqZ3n9Kqt8OtA97242Tm4VOxa2vp4_23VbyQnAMYl5Gko8PUrEXHBuexNLpYVsEjpTeABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI3NzMwNDQyNjEzODc0MDQYAA&sigh=MFdPYrMsm9c&uach_m=[UACH]&cid=CAQSOwCsnQUxz__L0M1VUF_KwrgV_De4juKLb9Nm3qhX3PKnZtZ8r12pOIZqoQrwst5RGLYPqAIi6flmHbrCGAE
Frame ID: 7EB07DFC8342A0A709DF38B1E4CDE1D0
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gqxtgcttfyxbe0vvtmvhv2s4cg7rfe892r9p3hz3kmz27se72ev71hp192fte55ss9k635kjks4exvxerywx2wtex4h0azvy5z905gqfkvgfj7f6krzmy4a7m8vzgxvjh06e8hmwj2pzjnqydsdw01c9nw92vy3saf4db3vyb5728mf3968scme4pzqf7h04bkqj4w5k0yc7afz48ykdz1zw76tkqy9drqtkd1whchz5bk1mjjm1rmvp85mxfm7mb75x9rrycz37zaj6g4dhgazb6ee3844vk35bcc8q2nj4c60hzzfjnmnptvnv4b5nr3dv7pnj2rf9xhg00w37m3m6y23bc469zk6j2f6gjkd7qchrza3qkjbsfyebw9kek7ann2p9qyhpq5tcppyrwptaw25eknbac&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf3Qbcyb3YuuLKLmRjuwPqPOgoAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0EM3be5GUjP9xQ9Ki-PCmDYnC2ZCOTVUyRPas_4yW1fCkNGPHkIKCHbAB_7DaylTzI4C6rcuaSJcOwbosEOh-q-2M4adb4hiG3Jn9qt4sw1-syoTKZZYWSww5lX_B215Gug0dy2TfZvcmew5ztVIBZbAzyy_htkmZ5cxfAIRmQVM8vw33EZZnDVOVqZ3n9Kqt8OtA972oWbHc4RI7CshZLUhj_UCbjoMnTyujdsJLIeOlB8lKpZAgx285f_UtBuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2yC8hlCK2Gw1c_U3NfGrq9aYoymA%26client%3Dca-pub-2773044261387404%26adurl%3D
Frame ID: 7F77A05FBD67B7020923A0970BFCFE28
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 13491F3FB2F2DA1B9670AC4C2211EA36
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 8B48710463DF2A6970B31EF96D21D312
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 60B50046DE9C06D621EE26D4C158DC32
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 6345EC597470512FB38EA47872E37D28
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: B8EA10286C3BEFBB8AFCB8C9FEBAF713
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=b89ba2509de6b6582d9619804fa2377c%2F17418033345842782979&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404839&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpwq7yddfagscx16xw1d6whj78a52v2eg7kwdgap1ka1xfaptq6sfrhp1x9jr3n97bxrdy7m5vvagtwdgcf42cfvsxrqr440ngkp6x7va83fgk4q0kd9wzab3hjv2h75mpxr4h6q3smsmg0vvnx2p4xmqh402qwpq1f530t5kx0nv90h1cz7me1mrny372p9wz0800n2vcf41zxt3dw468q9mcvd7eg4ca8zfxr2y7x27v1gcw37bdd29ce8x82wbvbtfzxq33t0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCG-k4cyb3Yp29J6OKjuwP9-ebyAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0FOku-TUHK3DX2YEm8-mx9qTmrtiFfWDTG8N_A71oCbsJsAovoiIx6zRQyM43b1-sLAJDh2imEbNKoh9HfH1DanrqD6LD2aSb-m-qhyt33jDDtIFH6LqJc-yTKCdWXFiTT2y5Sgcu5EWx2w7KDSsJ047cia5mHTlvUM8BiHz4zaUqhv-465msZXlyKeYkmZkD90W6Wunx88HQw25EWx38lbjDba2xTz-ZtxHaeCDjsKWSf9H-vpfSptNZd-TXQuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3O-4FTl0vnkTOD2rn2ka0NOVrIVg%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Frame ID: 70ED836EAFA523E88CAF46B3DFD258C3
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=300&d=250&e=&g=10ac22f0e48509716f7db06ec97913d1%2F14845218969672717723&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404867&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hattehp7e13b9wv10613tfevqehnw6cr2nea2at4jvb6v840kr71y5rznfr4e8ay95v8yzenvsyxyxv0552zjea3kmqwakp82pc572cx5s9wap18w80pdjmeggvetpkc65e4ms8d8pnze69sfmv5m5yg9yb3yqh3eahtv9zsq108tvqcs36erx0t8002j1ej2b4p74b7ah5zwtd9fg432e57tkpamppg1gs2w4ge61aq5pysbr8wvrpdr9fx14zdgcg058x65yzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQOn3cyb3YoeOKMWl3gO5t5-ID5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_QTiRcG5aWCmZeLTn5reNp6JJhP1k5a3JG50PAEM0Xu1qY4HQi4wdGmxx3k3mBPFGg8JamTb5MZA8bT4MMcVSRkg5qOPDsumsyuXj8056-wwaKK40cPjlmh_6czoHS99m1U3tHpMz_wy7MI2iogwG_1pehzVVc-9q0XKGYi5AGcLiRKWPDRTpzO9aFM6s09Mokn4jKyNsZG36WXDlalPRIIhzhtrpq9zvJIG0Gwklc2xz5HxOrLq1WCuccT-ewZ4AG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1qbMbNjdSXGAnlmCmoE15LKyMHHQ%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Frame ID: 4CC166D6A8A9F2D6E5EDD2D0CEE8B607
Requests: 16 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197101%2C195017%2C13833&b=7QZTqfzfje9btrHXHgtAtVVef4S1Tr9ZuM%2C2beH6fqfjA7xtVHWHkt8txx5FxS7T7G4fg%2C7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuM&f=EjeTDfEfEJYpFzHAHjt6C441HKSVTZAGT7%2C4rehEf5fAQEZcGH9HdtzCmm7abSpTr6XuK%2CEjeTDfEfAJktzHAHjt6CQXYuKSVTZAGT7&c=300&d=250&e=&g=3841f6ec95593366f0edee51625e194f%2F15806231829833210206&i=20774%2C20773%2C17743&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404869&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjxd6rk5nrdbkvkrq7ct1kjnqj5qxzgwx4e90xcgpktfwk8k0xc70sj7ks85z4e5we3r9248sf42g0kgt2w8cnn2anb1y4b3xvj4y5z050cbzazt0rcxcgr4gpbeayjbz86vvk74rt16pxxj2xxknamz8htj2673z63hfea6c1n068szgrbhz5tccfzqdqj4eb3h6y8qs8tt3a5fv064ckb3evr9wbtdjtgxnzktnabvd9twmgjfpvx9sneksh2fpd9qbyjej6ha%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC--lucyb3YuusKJfa3gOWjKXwCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_Qg3M8FIXIe-jBAZ4ZF_RLz-9WOyAW49Y5SOn3PJZkc9HY21I_NYuZuKvn7NmCVskR8svChSfCNNxdy_cdyUr2IbWXLwSz6z2kGZsDOV-GUfMFgucz9VIk-gwHfAF0Osy0OKgH-Gd7Aeo7r0IZSAQhFaHLB3ArDpE0j5eHKYK6QzBDO42YwUovtbqHFTCosGeLSsvFkPznvybSutwRelD4PHhkIQeiNLuR0ZRev9cin1BCgjf1qR7tRL4xWmhjCoAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_24rAaB-J2xV0z1gSFz4aVDzT7r0Q%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Frame ID: 182A9FFC9789585C2B9E57BD1F1D4C4F
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=56666%2C19840%2C186460&b=ZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ%2CVx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQ%2Cq4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3&f=9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td%2Cm3AsefGfARbfmHZHZtQC6rQtKSwTX8AfA%2CRx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7&c=300&d=250&e=&g=8a46b0260311765c2d3f8ed8a8ffb886%2F13858795519741038375&i=22427%2C22610%2C25174&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsm9zp1468xmt3jyt7dk4v5wpzwqhgk10bsjns8nfydcp42angsrtsq5sf2abvg4cxb9wbrzseqbnhr31vq644w9vhpbm32sev9nmnh7r6brd7vq8vjagb881nbh97jvr702jxpw71m9a5j2dr6ab835jt9xn98e5a0e3ekahvxdajwvpsf1h2nq74s0e2attk3s68a2epw1kbantf2f8vj327s5wp14x8575f3062fj31qygszk5mcx52rrky5n75v8q4ma617p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCf3Qbcyb3YuuLKLmRjuwPqPOgoAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0EM3be5GUjP9xQ9Ki-PCmDYnC2ZCOTVUyRPas_4yW1fCkNGPHkIKCHbAB_7DaylTzI4C6rcuaSJcOwbosEOh-q-2M4adb4hiG3Jn9qt4sw1-syoTKZZYWSww5lX_B215Gug0dy2TfZvcmew5ztVIBZbAzyy_htkmZ5cxfAIRmQVM8vw33EZZnDVOVqZ3n9Kqt8OtA972oWbHc4RI7CshZLUhj_UCbjoMnTyujdsJLIeOlB8lKpZAgx285f_UtBuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2yC8hlCK2Gw1c_U3NfGrq9aYoymA%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Frame ID: E7401A2CA40695CF9E5D39831C13324C
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 457B939EC0483759025E63805872EB61
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7E7A6BFF8A9C12FC0DAAAFB3860EC39F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

iHealth » Український інтернет-журнал про здоров'я

Page URL History Show full URLs

  1. http://ihealth.in.ua/ HTTP 301
    https://ihealth.in.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

256
Requests

91 %
HTTPS

51 %
IPv6

40
Domains

53
Subdomains

42
IPs

7
Countries

4028 kB
Transfer

6945 kB
Size

52
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ihealth.in.ua/ HTTP 301
    https://ihealth.in.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9728.cn70_QFd1fIC4XJ2TGq0TrW8EVZAacCCiEByDxAE5dDZgf0InDrX7SdTUEYE2Kqt.62QweRX7ets4NIYJTd7gMhCEh1w%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9728.eYm2ZtgyWGTuORB7hCBPpA0x9BAQQrlqBdZfnjrOjRQSUD16ANMyA3pq4eY7sMkXp35YwrDJO3d3Vm3D_VYKIw%2C%2C.qe-SQ_Q_NYPZczKqqNbVjxPD0xQ%2C
Request Chain 24
  • https://mc.yandex.com/watch/55357057?wmode=7&page-url=https%3A%2F%2Fihealth.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afp%3A945%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A1%3Adp%3A0%3Als%3A442805293093%3Ahid%3A785944662%3Az%3A0%3Ai%3A20220813042002%3Aet%3A1660364403%3Ac%3A1%3Arn%3A33931900%3Arqn%3A1%3Au%3A1660364403769444994%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660364401026%3Ads%3A0%2C93%2C294%2C49%2C298%2C0%2C%2C382%2C5%2C%2C%2C%2C1118%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1660364403%3At%3AiHealth%20%C2%BB%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D1%96%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82-%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%D0%BF%D1%80%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%27%D1%8F&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/55357057/1?wmode=7&page-url=https%3A%2F%2Fihealth.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afp%3A945%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A1%3Adp%3A0%3Als%3A442805293093%3Ahid%3A785944662%3Az%3A0%3Ai%3A20220813042002%3Aet%3A1660364403%3Ac%3A1%3Arn%3A33931900%3Arqn%3A1%3Au%3A1660364403769444994%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660364401026%3Ads%3A0%2C93%2C294%2C49%2C298%2C0%2C%2C382%2C5%2C%2C%2C%2C1118%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1660364403%3At%3AiHealth%20%C2%BB%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D1%96%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82-%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%D0%BF%D1%80%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%27%D1%8F&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Request Chain 105
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEJi3OMMqQKm3ZQOSdUIlESI&google_cver=1&google_push=AehlK4CcFGDpHynPqAiGRHa9Aanx-XFfZLjnEeLCAgJr1SAI_XfRYXA9Y9-uXj7TWGBqVNjWT8WwQPDoZ3OgpKQKrBavQIy57Mct HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4CcFGDpHynPqAiGRHa9Aanx-XFfZLjnEeLCAgJr1SAI_XfRYXA9Y9-uXj7TWGBqVNjWT8WwQPDoZ3OgpKQKrBavQIy57Mct&google_hm=Q0FFU0VKaTNPTU1xUUttM1pRT1NkVUlsRVNJ
Request Chain 107
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4BbuWN06Pk5_GYRShypmHi0KkQ86ufrIOVJIftkB_it04fEuTcHpRj1a7HanLCxeDkWVd3vQl1EJu1lu6eB875Ic5c1AMwq&google_gid=CAESEMDBu32_jWzUy3tKGWywS_M&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4BbuWN06Pk5_GYRShypmHi0KkQ86ufrIOVJIftkB_it04fEuTcHpRj1a7HanLCxeDkWVd3vQl1EJu1lu6eB875Ic5c1AMwq&google_gid=CAESEMDBu32_jWzUy3tKGWywS_M&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTMwNDIwMDQwMDA4MzA2MjA2NTU5NA%3D%3D&google_push=AehlK4BbuWN06Pk5_GYRShypmHi0KkQ86ufrIOVJIftkB_it04fEuTcHpRj1a7HanLCxeDkWVd3vQl1EJu1lu6eB875Ic5c1AMwq
Request Chain 109
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENEG7325RFGpfLfOvXkjK80&google_cver=1&google_push=AehlK4BUGJA1QlGt0tfVCjfJNCLLJO7gVBqCyV7mUJvlxf5BIPoRF4RFjwc7JYp461cCdO0d0XUypE3pBR1KJ3jlE5NNv41S5oe6 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENEG7325RFGpfLfOvXkjK80&google_push=AehlK4BUGJA1QlGt0tfVCjfJNCLLJO7gVBqCyV7mUJvlxf5BIPoRF4RFjwc7JYp461cCdO0d0XUypE3pBR1KJ3jlE5NNv41S5oe6&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENEG7325RFGpfLfOvXkjK80&google_hm=YvcmdLeqyGW8QlF8slqdIQAABFgAAAIB&google_nid=index&google_push=AehlK4BUGJA1QlGt0tfVCjfJNCLLJO7gVBqCyV7mUJvlxf5BIPoRF4RFjwc7JYp461cCdO0d0XUypE3pBR1KJ3jlE5NNv41S5oe6
Request Chain 145
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEANYNzGRskOPSIby9UQc5jw&google_cver=1&google_push=AehlK4C0AFqt064twKFeixGuxBDQGD3VtlgzJUyFLwIEbhPVybvOMWCCY-iarOYp8DN-kC2NHkEkX0KpMYOlO2x2etVeZdX3pF4TDw HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4C0AFqt064twKFeixGuxBDQGD3VtlgzJUyFLwIEbhPVybvOMWCCY-iarOYp8DN-kC2NHkEkX0KpMYOlO2x2etVeZdX3pF4TDw&google_hm=-ywNz_skCNJNEkkdhSb1-g
Request Chain 146
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4ClfEzwAJw_ojW6vsW5NZ7Kb9AJ5dfG2coQetfqyVayqkiXWaAXSJd23fzloq4I43IEQtKRoWDAEBKScv6AOvAKWF1tYpeA&google_gid=CAESEMDBu32_jWzUy3tKGWywS_M&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTMwNDIwMDQwMDA4MzkxOTU4Njk5Ng%3D%3D&google_push=AehlK4ClfEzwAJw_ojW6vsW5NZ7Kb9AJ5dfG2coQetfqyVayqkiXWaAXSJd23fzloq4I43IEQtKRoWDAEBKScv6AOvAKWF1tYpeA
Request Chain 150
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFAB45zHBCME5gv6BZ9m8vw&google_cver=1&google_push=AehlK4CsfKceZwOADjwk69chlRDeucmeHWa_gaeHQRYLhBP9BQbAwbtG1oChdPUggY1XejwWcgGgVYzAIYpicVYpG-Bx1aox0OpGXw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZSRTNJMlMtMy0yWEJT&google_push=AehlK4CsfKceZwOADjwk69chlRDeucmeHWa_gaeHQRYLhBP9BQbAwbtG1oChdPUggY1XejwWcgGgVYzAIYpicVYpG-Bx1aox0OpGXw
Request Chain 151
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENEG7325RFGpfLfOvXkjK80&google_cver=1&google_push=AehlK4DTtnYqh3edpubYBQcc2i6V50CxbkUYx43FiXO7pMa9iKw8z6C3xKnhPrEkxkwiMVlaJ01RY6b9S8q2mDPMsRnj9McPSR3oRQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENEG7325RFGpfLfOvXkjK80&google_hm=YvcmdLeqyGW8QlF8slqdIQAABFgAAAIB&google_nid=index&google_push=AehlK4DTtnYqh3edpubYBQcc2i6V50CxbkUYx43FiXO7pMa9iKw8z6C3xKnhPrEkxkwiMVlaJ01RY6b9S8q2mDPMsRnj9McPSR3oRQ
Request Chain 156
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEANYNzGRskOPSIby9UQc5jw&google_cver=1&google_push=AehlK4D39OK74MjaOvRGed5sCr--yeEKmpNGMc9-Y8tEA8WCgaOxmIQAP67VGbB0IfNMJf0oNNZ88Dty3hzElqmKVFSgKnE2QtWaLg HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4D39OK74MjaOvRGed5sCr--yeEKmpNGMc9-Y8tEA8WCgaOxmIQAP67VGbB0IfNMJf0oNNZ88Dty3hzElqmKVFSgKnE2QtWaLg&google_hm=-ywNz_skCNJNEkkdhSb1-g
Request Chain 158
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4Co779O1WRR5qQMpIc2XWON8MrFvlxWaGUCBpVY5q5jy6gOsDKv1AaKEUVnsJy2ItW9YwwQBMlDDvhRxhvH1aziUc8ph7ab5A&google_gid=CAESEMDBu32_jWzUy3tKGWywS_M&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTMwNDIwMDQwMDAxNzAzODY2NjE3OA%3D%3D&google_push=AehlK4Co779O1WRR5qQMpIc2XWON8MrFvlxWaGUCBpVY5q5jy6gOsDKv1AaKEUVnsJy2ItW9YwwQBMlDDvhRxhvH1aziUc8ph7ab5A
Request Chain 161
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFAB45zHBCME5gv6BZ9m8vw&google_cver=1&google_push=AehlK4CPOCGbrCV6Jo_lf63IB__jubKaQIwr4GvTZlQumkbRwn50EZYv2H6bys_g4ZExMYAXuQenfR_gGY-NamAa8LfSINZ75IzGeg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZSRTNJMzQtMU8tRVhSVA==&google_push=AehlK4CPOCGbrCV6Jo_lf63IB__jubKaQIwr4GvTZlQumkbRwn50EZYv2H6bys_g4ZExMYAXuQenfR_gGY-NamAa8LfSINZ75IzGeg
Request Chain 162
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENEG7325RFGpfLfOvXkjK80&google_cver=1&google_push=AehlK4DU0ieCGG3-wkqfZHtKf59nuDVTZ_RmP35TuOoNJ5jEOcyEsogYXpDX6NlPSAq5ZDprBjdXPLtJSeGka4bSQm8q5mVoMRJGOg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENEG7325RFGpfLfOvXkjK80&google_hm=YvcmdLeqyGW8QlF8slqdIQAABFgAAAIB&google_nid=index&google_push=AehlK4DU0ieCGG3-wkqfZHtKf59nuDVTZ_RmP35TuOoNJ5jEOcyEsogYXpDX6NlPSAq5ZDprBjdXPLtJSeGka4bSQm8q5mVoMRJGOg
Request Chain 167
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEANYNzGRskOPSIby9UQc5jw&google_cver=1&google_push=AehlK4DSKtlx8tHPd-Gz97zDgexYZCCUwdcjCiNCCbdyZrHiKJM7c3_BpYU1Pkf-nNXdcPwHmhDQX47vMWZDqCMksWKvYqVdk7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4DSKtlx8tHPd-Gz97zDgexYZCCUwdcjCiNCCbdyZrHiKJM7c3_BpYU1Pkf-nNXdcPwHmhDQX47vMWZDqCMksWKvYqVdk7A&google_hm=-ywNz_skCNJNEkkdhSb1-g
Request Chain 168
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEJi3OMMqQKm3ZQOSdUIlESI&google_cver=1&google_push=AehlK4CkuiA1OGxhoMw5wfZYFbSJqe4gKEFoWdx40aVE5XmHrCzRgxcUiaFpjUUPowEimbEHbiGkkBLWyJSqJQAeqhfuSLaylUw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4CkuiA1OGxhoMw5wfZYFbSJqe4gKEFoWdx40aVE5XmHrCzRgxcUiaFpjUUPowEimbEHbiGkkBLWyJSqJQAeqhfuSLaylUw&google_hm=Q0FFU0VKaTNPTU1xUUttM1pRT1NkVUlsRVNJ
Request Chain 171
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFAB45zHBCME5gv6BZ9m8vw&google_cver=1&google_push=AehlK4BZXR7Ygi21ajrS4F1tpA0PAq2CGqUTg2JlUQRXLB90eYiPCu4GmxarRW9cnqoaIuxIesIZY4ID1GLqtrI0U4thxJ0T-mo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZSRTNJNDAtMVotQkdI&google_push=AehlK4BZXR7Ygi21ajrS4F1tpA0PAq2CGqUTg2JlUQRXLB90eYiPCu4GmxarRW9cnqoaIuxIesIZY4ID1GLqtrI0U4thxJ0T-mo
Request Chain 172
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENEG7325RFGpfLfOvXkjK80&google_cver=1&google_push=AehlK4B5gyMx-YNSwvrfTlXYN0ZGMRxPPI4RG29f48mZNyf8L0VoB4NJ7jJUVr4rm39ZZtsVZ3hRdUL_2KWayTFxOu3bJXkX8Z8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENEG7325RFGpfLfOvXkjK80&google_hm=YvcmdLeqyGW8QlF8slqdIQAABFgAAAIB&google_nid=index&google_push=AehlK4B5gyMx-YNSwvrfTlXYN0ZGMRxPPI4RG29f48mZNyf8L0VoB4NJ7jJUVr4rm39ZZtsVZ3hRdUL_2KWayTFxOu3bJXkX8Z8
Request Chain 198
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidGjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tEoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1660364405_353820e0-1abf-11ed-94b9-2265b3bf8141
Request Chain 203
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=353ab8f1-1abf-11ed-80d0-22316432dc67&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&gdpr_consent= HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1660364405_353ab8f1-1abf-11ed-80d0-22316432dc67&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 215
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022081306200574561538369X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2022081306200574561538369X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703
Request Chain 218
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=mm_SUBIDTEST_view HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=mm_SUBIDTEST_view HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022081306200574561538371X117663V1225131106MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Request Chain 230
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKjyxLT7wvkCFb39uwgdOK0OrQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1660364405_355593f0-1abf-11ed-94b9-2265b3bf8141

256 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ihealth.in.ua/
Redirect Chain
  • http://ihealth.in.ua/
  • https://ihealth.in.ua/
96 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ihealth.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dccdcd2d92d7d06d1b8ead3251fb225d84c727fe9000a2f4330e1c392ae3e655

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
739ea7e50c904089-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 13 Aug 2022 04:20:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=76rVaVWWkkeKHFzEkAGkrOHxt5g1byA3zeaadtkUoPtYewR8X1DhSLP4EhgYzzUn%2BLwDeawHDkxNxFdnoFisve68B2L1OD1JEh3W8N7JBldVc4cbJ8FNg%2FvFy7ifX4ZS5G%2BwOkl5XtEJar%2Bg"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-ray
p529:0.090/wne4066:0.089/wn4066:0.090/wa4066:D=82765

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
739ea7e2e89d8e2c-LHR
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 13 Aug 2022 04:20:01 GMT
Location
https://ihealth.in.ua/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nN7Xra0IMQ2IK6rHp5NAeJqkwI9Bc3M6S%2BJJmPphgIFtthGOgUB8SijWTnsOE1xXPcBKxoYg9YdKD7J3gu7%2B5mp80TPk3T8mP6pBCoLfE6P6uPYct5wlQPtYVi4TaoHpg3Mx63ETDrGA%2B%2FsV"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
X-Redirect-By
WordPress
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ray
p529:0.090/wne4066:0.090/wn4066:0.090/wa4066:D=88294
6vlk.css
ihealth.in.ua/wp-content/cache/wpfc-minified/ky18188n/ 		79 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ihealth.in.ua/wp-content/cache/wpfc-minified/ky18188n/6vlk.css
Requested by
Host: ihealth.in.ua
URL: https://ihealth.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
115c5e4c3a816cdafb1c8c566ef8316174b44fd6735cfd26febcc6f581c2ca59

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ihealth.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p529:0.000/wne4066:0.000/wn4066:0.000/
content-encoding
br
vary
Accept-Encoding
cf-cache-status
REVALIDATED
last-modified
Mon, 24 Jan 2022 10:30:48 GMT
server
cloudflare
etag
W/"61ee7fd8-13af4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pA67nbuIe6smMHBKXSYAszE7U6Ulzsy7y6kY0nfwqLTu1v9fM0Qx0YcsNMeWhRacewbxw4auXG4qnrrRSavzA8MYvrugDwRnA9Uy%2FGDUhg264fazjDEjV%2FGWK1L%2FzOP%2BJpygR6ZFr3VCI4gk"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
date
Sat, 13 Aug 2022 04:20:01 GMT
cf-ray
739ea7e6edc74089-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Quicksand%3A400%2C400italic%2C700%2C700italic%7CRaleway%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext
Requested by
Host: ihealth.in.ua
URL: https://ihealth.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ee15481250f79d7a3d2669f1b282b78aac946d1ea24e088a064613d70c1ece1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ihealth.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 13 Aug 2022 04:20:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 13 Aug 2022 04:20:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Aug 2022 04:20:01 GMT
6vlk.js
ihealth.in.ua/wp-content/cache/wpfc-minified/lk6wj5b0/ 		105 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ihealth.in.ua/wp-content/cache/wpfc-minified/lk6wj5b0/6vlk.js
Requested by
Host: ihealth.in.ua
URL: https://ihealth.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc7b2628957455c52c627d02e6ee23b39d925d7c66b424e66917db939b7b8693

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ihealth.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p529:0.000/wne4066:0.000/wn4066:0.000/
content-encoding
br
vary
Accept-Encoding
cf-cache-status
REVALIDATED
last-modified
Mon, 24 Jan 2022 10:30:48 GMT
server
cloudflare
etag
W/"61ee7fd8-1a248"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6Q6NxSkNpYfpVnu9mLofsawk6b6LvPLJb2NBMpJWJEl2AxFhjq0H0XYYa8GPEjDGX%2FpIZBzgihfck7sm7C8rB1vCJP6V7gZKDwJB0gkqOnzuBXFmvBghY6htLqMr05tAsDkqGnCZsQLqZrw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
date
Sat, 13 Aug 2022 04:20:01 GMT
cf-ray
739ea7e6edc84089-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
6vlk.js
ihealth.in.ua/wp-content/cache/wpfc-minified/zyp8ugk/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ihealth.in.ua/wp-content/cache/wpfc-minified/zyp8ugk/6vlk.js
Requested by
Host: ihealth.in.ua
URL: https://ihealth.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20d05908ab184af669014c38ac2d1c3e495eefe4e2ecef99943e08790ed25e80

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ihealth.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p529:0.000/wne4066:0.000/wn4066:0.000/
content-encoding
br
vary
Accept-Encoding
cf-cache-status
REVALIDATED
last-modified
Mon, 24 Jan 2022 10:30:48 GMT
server
cloudflare
etag
W/"61ee7fd8-2166"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gp09eWA52bjMYWny5SoDCVjYFsX5roxo1TfEVQywKTMTuooIU0QOsLxxLvJj4IZh3yUl7LshNSpZ%2B2Uxs%2FqQEfG0FE%2FRRxnbNoK5272I7x6o90gsNSOey%2FAURPE7j7Hb4e8%2BaViVnRg%2Fh%2FSA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
date
Sat, 13 Aug 2022 04:20:01 GMT
cf-ray
739ea7e6edc94089-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		170 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ihealth.in.ua
URL: https://ihealth.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
766adc31a815c2b017d5b2178598849e8aa3757077c157e1b7385de3f11f7757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ihealth.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57577
x-xss-protection
0
server
cafe
etag
16638420747689844524
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 13 Aug 2022 04:20:02 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-148167665-1
Requested by
Host: ihealth.in.ua
URL: https://ihealth.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c40ffd5d2151a521c3e2de238f4b3181a059903d477fd1c4fd67de7caeae1796
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ihealth.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:02 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41920
x-xss-protection
0
last-modified
Sat, 13 Aug 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 13 Aug 2022 04:20:02 GMT
logo2.png
ihealth.in.ua/wp-content/uploads/2018/10/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ihealth.in.ua/wp-content/uploads/2018/10/logo2.png
Requested by
Host: ihealth.in.ua
URL: https://ihealth.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
157ef37ed7772c01e72d9be63b260d7ec1e2ecdac5e1609c6567e49f31aa052d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ihealth.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p529:0.011/wne4066:0.000/wn4066:0.000/
etag
"5d794e41-24d6"
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9430
last-modified
Wed, 11 Sep 2019 19:42:57 GMT
server
cloudflare
date
Sat, 13 Aug 2022 04:20:02 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XG2AOsW5k9t4pzW1VTrRoTJtL73UwbPNyPymfOZNO615HXsXf1Pq9n0DYa23r9BUqDU6JgCrL8bWNhHmh7%2Fd05ul78GEbYz4FUthZvDPjEG5itCTnVCD0%2BGjkuolJ9hD7RJ4G6HOEFaZk7yG"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
739ea7e859b04066-LHR
wp-embed.min.js
ihealth.in.ua/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ihealth.in.ua/wp-includes/js/wp-embed.min.js
Requested by
Host: ihealth.in.ua
URL: https://ihealth.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ihealth.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p529:0.000/wne4066:0.000/wn4066:0.000/
content-encoding
br
vary
Accept-Encoding
cf-cache-status
REVALIDATED
last-modified
Fri, 16 Apr 2021 00:55:45 GMT
server
cloudflare
etag
W/"6078e091-56f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGm%2B2NSvD5t%2Fqh9v4jaqxiwButTGm8fICCRSXtZxwgzCAttpiKRs2Mq%2BjBhSPvr5P1RkQfXdwcior0YxbROzKqNW7SZCU4Qi7ZKdLkuFJ2NmLgylgazTVi3otB8rI6GNOpKfsCoAaJDuDe8A"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
date
Sat, 13 Aug 2022 04:20:02 GMT
cf-ray
739ea7e839994066-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
tag.js
mc.yandex.ru/metrika/ 		205 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: ihealth.in.ua
URL: https://ihealth.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
4c7f7718e32f02dd00533f7f87feae91e37e68b9e7df0bda0e62cba8441d1972
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ihealth.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:02 GMT
content-encoding
br
last-modified
Thu, 11 Aug 2022 14:22:53 GMT
etag
"62f4e68d-118d1"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
71889
expires
Sat, 13 Aug 2022 05:20:02 GMT
genericons-neue.svg
ihealth.in.ua/wp-content/themes/donovan/assets/icons/ 		27 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ihealth.in.ua/wp-content/themes/donovan/assets/icons/genericons-neue.svg
Requested by
Host: ihealth.in.ua
URL: https://ihealth.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ef564b89fc8b8baa6609f30535c85a5f7e793f16879169cbf7a8987fd85405d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ihealth.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p529:0.000/wne4066:0.000/wn4066:0.000/
content-encoding
br
vary
Accept-Encoding
cf-cache-status
REVALIDATED
last-modified
Wed, 11 Sep 2019 19:42:45 GMT
server
cloudflare
etag
W/"5d794e35-6d66"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NcogVZzLaGr%2FNLB%2FX0OOP6mHYwo4fsyYEOjF5CWKe%2FBOWq7v8u1nANUNtyp3HDmj2mBVX90nE91GfOrGfsNNDiqgTpuzS1C7TGX5VOerhL77Z0gKZFzHCaVkkFAEtbZW4zkHfqf5ciwwBQc"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
date
Sat, 13 Aug 2022 04:20:02 GMT
cf-ray
739ea7e859b14066-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1Ptug8zYS_SKggPNyCkIT5lu.woff2
fonts.gstatic.com/s/raleway/v28/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyCkIT5lu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand%3A400%2C400italic%2C700%2C700italic%7CRaleway%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3aaa08d1c1434c3dd80f3ae7b73884fd1570ddc777b9bc2beaeeb1648373cffd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ihealth.in.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 04:07:25 GMT
x-content-type-options
nosniff
age
346357
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25640
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:41:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Aug 2023 04:07:25 GMT
6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v30/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand%3A400%2C400italic%2C700%2C700italic%7CRaleway%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ihealth.in.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 10:24:08 GMT
x-content-type-options
nosniff
age
150954
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25672
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:12:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Aug 2023 10:24:08 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand%3A400%2C400italic%2C700%2C700italic%7CRaleway%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ihealth.in.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 03:52:09 GMT
x-content-type-options
nosniff
age
174473
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46524
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:58:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Aug 2023 03:52:09 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-148167665-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ihealth.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4682
date
Sat, 13 Aug 2022 03:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 13 Aug 2022 05:02:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/ 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2773044261387404&plah=ihealth.in.ua&bust=31068911
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
32b5de8292ae103abbee25b0067fe44f62cd019d000a8f627a1bd4c28dd0f769
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ihealth.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122753
x-xss-protection
0
server
cafe
etag
13457618475822436668
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 13 Aug 2022 04:20:02 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220810/r20190131/ Frame AC83 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220810/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ihealth.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
61577
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 11:13:45 GMT
etag
8616628553774171045
expires
Fri, 26 Aug 2022 11:13:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1604559089&t=pageview&_s=1&dl=https%3A%2F%2Fihealth.in.ua%2F&ul=en-us&de=UTF-8&dt=iHealth%20%C2%BB%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D1%96%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82-%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%D0%BF%D1%80%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%27%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1862941514&gjid=194859382&cid=843282222.1660364402&tid=UA-148167665-1&_gid=357351320.1660364402&_r=1&gtm=2ou880&z=2049354361
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ihealth.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ihealth.in.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9728.cn70_QFd1fIC4XJ2TGq0TrW8EVZAacCCiEByDxAE5dDZgf0InDrX7SdTUEYE2Kqt.62QweRX7ets4NIYJTd7gMhCEh1w%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9728.eYm2ZtgyWGTuORB7hCBPpA0x9BAQQrlqBdZfnjrOjRQSUD16ANMyA3pq4eY7sMkXp35YwrDJO3d3Vm3D_VYKIw%2C%2C.qe-SQ_Q_NYPZczKqqNbVjxPD0xQ%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9728.eYm2ZtgyWGTuORB7hCBPpA0x9BAQQrlqBdZfnjrOjRQSUD16ANMyA3pq4eY7sMkXp35YwrDJO3d3Vm3D_VYKIw%2C%2C.qe-SQ_Q_NYPZczKqqNbVjxPD0xQ%2C
Requested by
Host: ihealth.in.ua
URL: https://ihealth.in.ua/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ihealth.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:02 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9728.eYm2ZtgyWGTuORB7hCBPpA0x9BAQQrlqBdZfnjrOjRQSUD16ANMyA3pq4eY7sMkXp35YwrDJO3d3Vm3D_VYKIw%2C%2C.qe-SQ_Q_NYPZczKqqNbVjxPD0xQ%2C
date
Sat, 13 Aug 2022 04:20:02 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: ihealth.in.ua
URL: https://ihealth.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ihealth.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:02 GMT
last-modified
Thu, 11 Aug 2022 14:27:18 GMT
etag
"62f4e796-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sat, 13 Aug 2022 05:20:02 GMT
cookie.js
partner.googleadservices.com/gampad/ 		217 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ihealth.in.ua&callback=_gfp_s_&client=ca-pub-2773044261387404
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2773044261387404&plah=ihealth.in.ua&bust=31068911
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
fb994c518da6741a1228684d63d6876c9228de2e3dd3e7d41a79ccc646f42116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ihealth.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ihealth.in.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2773044261387404&plah=ihealth.in.ua&bust=31068911
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ihealth.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 04:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ihealth.in.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2773044261387404&plah=ihealth.in.ua&bust=31068911
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ihealth.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 04:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FB1D 		187 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&adk=1812271804&adf=3025194257&lmt=1660364402&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fihealth.in.ua%2F&ea=0&pra=5&wgl=1&easpf=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=300&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364402256&bpp=7&bdt=541&idt=319&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7483991097825&frm=20&pv=2&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=334
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2773044261387404&plah=ihealth.in.ua&bust=31068911
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7abd4da7a7ac545d5e633d3b3bbedca5abf0393e9c4bc16cfcc1eb967a4bdbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ihealth.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
49675
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 04:20:03 GMT
expires
Sat, 13 Aug 2022 04:20:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 59B5 		22 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.707746843~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660364402&rafmt=1&to=qs&pwprc=6907635123&psa=0&format=1200x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364402263&bpp=3&bdt=549&idt=332&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oGteQKTL49&p=https%3A//ihealth.in.ua&dtd=336
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2773044261387404&plah=ihealth.in.ua&bust=31068911
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e07e42ab2a0857b289ccc5b1b92dc3546dc59b4c005594709591011eaaeede1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ihealth.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9644
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 04:20:03 GMT
expires
Sat, 13 Aug 2022 04:20:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
1
mc.yandex.com/watch/55357057/
Redirect Chain
  • https://mc.yandex.com/watch/55357057?wmode=7&page-url=https%3A%2F%2Fihealth.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afp%3A945%3Afu%3A0%3Aen%3Autf-8%3Ala...
  • https://mc.yandex.com/watch/55357057/1?wmode=7&page-url=https%3A%2F%2Fihealth.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afp%3A945%3Afu%3A0%3Aen%3Autf-8%3A...
357 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/55357057/1?wmode=7&page-url=https%3A%2F%2Fihealth.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afp%3A945%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A1%3Adp%3A0%3Als%3A442805293093%3Ahid%3A785944662%3Az%3A0%3Ai%3A20220813042002%3Aet%3A1660364403%3Ac%3A1%3Arn%3A33931900%3Arqn%3A1%3Au%3A1660364403769444994%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660364401026%3Ads%3A0%2C93%2C294%2C49%2C298%2C0%2C%2C382%2C5%2C%2C%2C%2C1118%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1660364403%3At%3AiHealth%20%C2%BB%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D1%96%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82-%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%D0%BF%D1%80%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%27%D1%8F&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Requested by
Host: ihealth.in.ua
URL: https://ihealth.in.ua/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
65510378ed1ad5f6f90e3e21d2dacebd6e9fc76b83b04ff1f99fffe17c9f8c25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ihealth.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:02 GMT
x-content-type-options
nosniff
last-modified
Sat, 13-Aug-2022 04:20:02 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ihealth.in.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
357
x-xss-protection
1; mode=block
expires
Sat, 13-Aug-2022 04:20:02 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:02 GMT
last-modified
Sat, 13-Aug-2022 04:20:02 GMT
location
/watch/55357057/1?wmode=7&page-url=https%3A%2F%2Fihealth.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afp%3A945%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A1%3Adp%3A0%3Als%3A442805293093%3Ahid%3A785944662%3Az%3A0%3Ai%3A20220813042002%3Aet%3A1660364403%3Ac%3A1%3Arn%3A33931900%3Arqn%3A1%3Au%3A1660364403769444994%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660364401026%3Ads%3A0%2C93%2C294%2C49%2C298%2C0%2C%2C382%2C5%2C%2C%2C%2C1118%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1660364403%3At%3AiHealth%20%C2%BB%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D1%96%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82-%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%D0%BF%D1%80%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%27%D1%8F&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ihealth.in.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 13-Aug-2022 04:20:02 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 59B5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.707746843~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660364402&rafmt=1&to=qs&pwprc=6907635123&psa=0&format=1200x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364402263&bpp=3&bdt=549&idt=332&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oGteQKTL49&p=https%3A//ihealth.in.ua&dtd=336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 03:57:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 59B5 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.707746843~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660364402&rafmt=1&to=qs&pwprc=6907635123&psa=0&format=1200x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364402263&bpp=3&bdt=549&idt=332&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oGteQKTL49&p=https%3A//ihealth.in.ua&dtd=336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Aug 2022 04:20:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 59B5 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.707746843~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660364402&rafmt=1&to=qs&pwprc=6907635123&psa=0&format=1200x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364402263&bpp=3&bdt=549&idt=332&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oGteQKTL49&p=https%3A//ihealth.in.ua&dtd=336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:08:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 04:08:51 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 59B5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CvyYDcib3YubmLZSw3gPVqIrAB8me0rFczfHi3YgBwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgS4AU_QEdG8rmChitNYZerP6krUmo9s4B8EZiJ_QsrufOTTJYL3ry0bn--hboe3h3vYfiwedLo_xT927o_Oc-FpK91XBuP85UJw1vVbuLZ2vVDot06lEiRE2kMMgbfP5pB5RLUSwFtKZUVB2_Ur5BeeAxacJCj_QTxCD2WvupXBJY__A_C4_ZKKuF-jXq3DWiFD1xaucEQ1CDXyBj7sh83fzxEfbws9cf8CZomW7if2CDULub5AqsGrEcuABrn6je7ojPjawwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI3NzMwNDQyNjEzODc0MDQYAA&sigh=krid-MzxTX8&uach_m=[UACH]&cid=CAQSGwCsnQUx79K5wU5NXxYpHEE-XX67D_YB0-t16xgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.707746843~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660364402&rafmt=1&to=qs&pwprc=6907635123&psa=0&format=1200x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364402263&bpp=3&bdt=549&idt=332&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oGteQKTL49&p=https%3A//ihealth.in.ua&dtd=336
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.707746843~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660364402&rafmt=1&to=qs&pwprc=6907635123&psa=0&format=1200x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364402263&bpp=3&bdt=549&idt=332&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oGteQKTL49&p=https%3A//ihealth.in.ua&dtd=336
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 13 Aug 2022 04:20:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 13 Aug 2022 04:20:03 GMT
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 59B5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kPSWEsz6RLAJmAKdg2ICAgAAAFLRT43CAyRmEHIm92IGw3KXUrWbYNDSlgASAAA&wp=YvcmcgALc2YKd5gUAAKUVQdekb-anMt0hqh8uA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.707746843~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660364402&rafmt=1&to=qs&pwprc=6907635123&psa=0&format=1200x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364402263&bpp=3&bdt=549&idt=332&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oGteQKTL49&p=https%3A//ihealth.in.ua&dtd=336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:02 GMT
server
Kestrel
server-processing-duration-in-ticks
266285
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame A7E8 		139 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALc2YKd5gUAAKUVQdekb-anMt0hqh8uA&u=%7CBcUvdQ6mckh8fiw%2BukfhNcoCgakAkpZ%2FdduGjNiXo%2Bs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVJWU8AYvH1R5yy17KXfHzsKAteVvS0JhIzCOGcQvZdnvCUW7XdoWT7KRiB8o5Z-Fanxoz_V4U67qKtKX0Xmxk2sJDq2LMcgmg1KbEE6ReCQeuKcBXVby6TIHqFpkxfZTQB_rTDVHXbUiGXf80lUfwUydP9Y1y_3Rljwwz687pj6K3eeXJYa_4d1NsUd-2xYxv5cWiHGmuLucBB8IooisG2dLg47awoaKoci6Z1iwmUAKAUZdaUCmtTNqurL9bhgz0hfC7jK6qDvFpAt94F0JSMzXRGd2KuFiH3zZYuAVGQaThERnT8LpXP9_gjX-v8Q0RuZL6QN_vaPk6SL3pWwGTp4A85wDaMWPT4OtP76xB0NbO89gKDuId_GnDe8YCI8JGwjnZeDDkabrv9K1MaKCQXG&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcQL-cib3YubmLZSw3gPVqIrAB8me0rFczfHi3YgBwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgS7AU_QEdG8rmChitNYZerP6krUmo9s4B8EZiJ_QsrufOTTJYL3ry0bn--hboe3h3vYfiwedLo_xT927o_Oc-FpK91XBuP85UJw1vVbuLZ2vVDot06lEiRE2kMMgbfP5pB5RLUSwFtKZUVB2_Ur5BeeAxacJCj_QTxCD2WvupXBJY__A_C4_ZKKuF-jXq3DWiFD1xauMkYUmrJ9mi1TG9l8Hyy5lwIpe0kISJEUWu_Lrse0p5JYL2svAnQXL8-ABrn6je7ojPjawwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_193-GEdKigoHUGZE8H24Rj_SHCDA%26client%3Dca-pub-2773044261387404%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.707746843~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660364402&rafmt=1&to=qs&pwprc=6907635123&psa=0&format=1200x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364402263&bpp=3&bdt=549&idt=332&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oGteQKTL49&p=https%3A//ihealth.in.ua&dtd=336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
33f883b10505b0751de0b7babbd81632fe3cacbdd218487fe94be2eefa422c6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 04:20:03 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=H9Wu3WpVwKlkWLS1dNkbY5ZirWs_HAvBLAl2VA4ALOTcg5bpNyz6tJGrd9uu8ra3RHkZPZT0sARRHXs8NMfTkCtvH8KBzIvtWxFopNRjN8UFhGIy-Gaz7tWL37hqM491_4HNQAMJcBFftJme3WVGsEEpLCbgyFWpSn6zzEs2NyfWcWfiihxPwvscnyaWpbWL_oadXvtS2-uBKXL7l6i3LrjnsjL78GEOdyxkX3yjwva0t-Liao069N5mrIB9yIeEaQXfPg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
59617652
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
privacy_small.svg
static.criteo.net/flash/icon/ Frame A7E8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALc2YKd5gUAAKUVQdekb-anMt0hqh8uA&u=%7CBcUvdQ6mckh8fiw%2BukfhNcoCgakAkpZ%2FdduGjNiXo%2Bs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVJWU8AYvH1R5yy17KXfHzsKAteVvS0JhIzCOGcQvZdnvCUW7XdoWT7KRiB8o5Z-Fanxoz_V4U67qKtKX0Xmxk2sJDq2LMcgmg1KbEE6ReCQeuKcBXVby6TIHqFpkxfZTQB_rTDVHXbUiGXf80lUfwUydP9Y1y_3Rljwwz687pj6K3eeXJYa_4d1NsUd-2xYxv5cWiHGmuLucBB8IooisG2dLg47awoaKoci6Z1iwmUAKAUZdaUCmtTNqurL9bhgz0hfC7jK6qDvFpAt94F0JSMzXRGd2KuFiH3zZYuAVGQaThERnT8LpXP9_gjX-v8Q0RuZL6QN_vaPk6SL3pWwGTp4A85wDaMWPT4OtP76xB0NbO89gKDuId_GnDe8YCI8JGwjnZeDDkabrv9K1MaKCQXG&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcQL-cib3YubmLZSw3gPVqIrAB8me0rFczfHi3YgBwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgS7AU_QEdG8rmChitNYZerP6krUmo9s4B8EZiJ_QsrufOTTJYL3ry0bn--hboe3h3vYfiwedLo_xT927o_Oc-FpK91XBuP85UJw1vVbuLZ2vVDot06lEiRE2kMMgbfP5pB5RLUSwFtKZUVB2_Ur5BeeAxacJCj_QTxCD2WvupXBJY__A_C4_ZKKuF-jXq3DWiFD1xauMkYUmrJ9mi1TG9l8Hyy5lwIpe0kISJEUWu_Lrse0p5JYL2svAnQXL8-ABrn6je7ojPjawwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_193-GEdKigoHUGZE8H24Rj_SHCDA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 08 Aug 2023 04:20:03 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame A7E8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALc2YKd5gUAAKUVQdekb-anMt0hqh8uA&u=%7CBcUvdQ6mckh8fiw%2BukfhNcoCgakAkpZ%2FdduGjNiXo%2Bs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVJWU8AYvH1R5yy17KXfHzsKAteVvS0JhIzCOGcQvZdnvCUW7XdoWT7KRiB8o5Z-Fanxoz_V4U67qKtKX0Xmxk2sJDq2LMcgmg1KbEE6ReCQeuKcBXVby6TIHqFpkxfZTQB_rTDVHXbUiGXf80lUfwUydP9Y1y_3Rljwwz687pj6K3eeXJYa_4d1NsUd-2xYxv5cWiHGmuLucBB8IooisG2dLg47awoaKoci6Z1iwmUAKAUZdaUCmtTNqurL9bhgz0hfC7jK6qDvFpAt94F0JSMzXRGd2KuFiH3zZYuAVGQaThERnT8LpXP9_gjX-v8Q0RuZL6QN_vaPk6SL3pWwGTp4A85wDaMWPT4OtP76xB0NbO89gKDuId_GnDe8YCI8JGwjnZeDDkabrv9K1MaKCQXG&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcQL-cib3YubmLZSw3gPVqIrAB8me0rFczfHi3YgBwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgS7AU_QEdG8rmChitNYZerP6krUmo9s4B8EZiJ_QsrufOTTJYL3ry0bn--hboe3h3vYfiwedLo_xT927o_Oc-FpK91XBuP85UJw1vVbuLZ2vVDot06lEiRE2kMMgbfP5pB5RLUSwFtKZUVB2_Ur5BeeAxacJCj_QTxCD2WvupXBJY__A_C4_ZKKuF-jXq3DWiFD1xauMkYUmrJ9mi1TG9l8Hyy5lwIpe0kISJEUWu_Lrse0p5JYL2svAnQXL8-ABrn6je7ojPjawwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_193-GEdKigoHUGZE8H24Rj_SHCDA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 08 Aug 2023 04:20:03 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame A7E8 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALc2YKd5gUAAKUVQdekb-anMt0hqh8uA&u=%7CBcUvdQ6mckh8fiw%2BukfhNcoCgakAkpZ%2FdduGjNiXo%2Bs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVJWU8AYvH1R5yy17KXfHzsKAteVvS0JhIzCOGcQvZdnvCUW7XdoWT7KRiB8o5Z-Fanxoz_V4U67qKtKX0Xmxk2sJDq2LMcgmg1KbEE6ReCQeuKcBXVby6TIHqFpkxfZTQB_rTDVHXbUiGXf80lUfwUydP9Y1y_3Rljwwz687pj6K3eeXJYa_4d1NsUd-2xYxv5cWiHGmuLucBB8IooisG2dLg47awoaKoci6Z1iwmUAKAUZdaUCmtTNqurL9bhgz0hfC7jK6qDvFpAt94F0JSMzXRGd2KuFiH3zZYuAVGQaThERnT8LpXP9_gjX-v8Q0RuZL6QN_vaPk6SL3pWwGTp4A85wDaMWPT4OtP76xB0NbO89gKDuId_GnDe8YCI8JGwjnZeDDkabrv9K1MaKCQXG&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcQL-cib3YubmLZSw3gPVqIrAB8me0rFczfHi3YgBwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgS7AU_QEdG8rmChitNYZerP6krUmo9s4B8EZiJ_QsrufOTTJYL3ry0bn--hboe3h3vYfiwedLo_xT927o_Oc-FpK91XBuP85UJw1vVbuLZ2vVDot06lEiRE2kMMgbfP5pB5RLUSwFtKZUVB2_Ur5BeeAxacJCj_QTxCD2WvupXBJY__A_C4_ZKKuF-jXq3DWiFD1xauMkYUmrJ9mi1TG9l8Hyy5lwIpe0kISJEUWu_Lrse0p5JYL2svAnQXL8-ABrn6je7ojPjawwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_193-GEdKigoHUGZE8H24Rj_SHCDA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 08 Aug 2023 04:20:03 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame A7E8 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALc2YKd5gUAAKUVQdekb-anMt0hqh8uA&u=%7CBcUvdQ6mckh8fiw%2BukfhNcoCgakAkpZ%2FdduGjNiXo%2Bs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVJWU8AYvH1R5yy17KXfHzsKAteVvS0JhIzCOGcQvZdnvCUW7XdoWT7KRiB8o5Z-Fanxoz_V4U67qKtKX0Xmxk2sJDq2LMcgmg1KbEE6ReCQeuKcBXVby6TIHqFpkxfZTQB_rTDVHXbUiGXf80lUfwUydP9Y1y_3Rljwwz687pj6K3eeXJYa_4d1NsUd-2xYxv5cWiHGmuLucBB8IooisG2dLg47awoaKoci6Z1iwmUAKAUZdaUCmtTNqurL9bhgz0hfC7jK6qDvFpAt94F0JSMzXRGd2KuFiH3zZYuAVGQaThERnT8LpXP9_gjX-v8Q0RuZL6QN_vaPk6SL3pWwGTp4A85wDaMWPT4OtP76xB0NbO89gKDuId_GnDe8YCI8JGwjnZeDDkabrv9K1MaKCQXG&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcQL-cib3YubmLZSw3gPVqIrAB8me0rFczfHi3YgBwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgS7AU_QEdG8rmChitNYZerP6krUmo9s4B8EZiJ_QsrufOTTJYL3ry0bn--hboe3h3vYfiwedLo_xT927o_Oc-FpK91XBuP85UJw1vVbuLZ2vVDot06lEiRE2kMMgbfP5pB5RLUSwFtKZUVB2_Ur5BeeAxacJCj_QTxCD2WvupXBJY__A_C4_ZKKuF-jXq3DWiFD1xauMkYUmrJ9mi1TG9l8Hyy5lwIpe0kISJEUWu_Lrse0p5JYL2svAnQXL8-ABrn6je7ojPjawwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_193-GEdKigoHUGZE8H24Rj_SHCDA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Tue, 08 Aug 2023 04:20:03 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame A7E8 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=t-bBWLwQntlCFvaPFLg9a6Cl-mYweMdcviT5ft7bQt-Sm5rHS836XgxICvjrmjN8o7UzRtyBqNW0WsHp4saVJYco6SsJQTynmORo5D6UJ9v54Xri5BuaRMvNMV0Nv5ICQuj-bPsAdIf8KNPl2sSnQPhz7Q1kDFi2Fm-gXpAJUmB-9eK3j0v859k3oQrt53ngHttFY-tAxqSLfoHdfeyimlXT4oFKmrbKyjAXcHmNZwLeDgg0ksmNt76ouxLSqsQF6VUTVkZQTW2jdpifRugJqsab8awzGE_P8eTvoKYCECE0UTqhZvJ5-UURShYLAffEBVpnF3DeZ3jqsUZpUi2gG1gxlmQ4VUBReE4_hoV-hupErsu9toAM8l8iDIUSgHyYBe0VjHynG5YtQ-ekYCtYhmWlsbA7F4_55cXJ4F44kaxSx6TT
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALc2YKd5gUAAKUVQdekb-anMt0hqh8uA&u=%7CBcUvdQ6mckh8fiw%2BukfhNcoCgakAkpZ%2FdduGjNiXo%2Bs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVJWU8AYvH1R5yy17KXfHzsKAteVvS0JhIzCOGcQvZdnvCUW7XdoWT7KRiB8o5Z-Fanxoz_V4U67qKtKX0Xmxk2sJDq2LMcgmg1KbEE6ReCQeuKcBXVby6TIHqFpkxfZTQB_rTDVHXbUiGXf80lUfwUydP9Y1y_3Rljwwz687pj6K3eeXJYa_4d1NsUd-2xYxv5cWiHGmuLucBB8IooisG2dLg47awoaKoci6Z1iwmUAKAUZdaUCmtTNqurL9bhgz0hfC7jK6qDvFpAt94F0JSMzXRGd2KuFiH3zZYuAVGQaThERnT8LpXP9_gjX-v8Q0RuZL6QN_vaPk6SL3pWwGTp4A85wDaMWPT4OtP76xB0NbO89gKDuId_GnDe8YCI8JGwjnZeDDkabrv9K1MaKCQXG&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcQL-cib3YubmLZSw3gPVqIrAB8me0rFczfHi3YgBwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgS7AU_QEdG8rmChitNYZerP6krUmo9s4B8EZiJ_QsrufOTTJYL3ry0bn--hboe3h3vYfiwedLo_xT927o_Oc-FpK91XBuP85UJw1vVbuLZ2vVDot06lEiRE2kMMgbfP5pB5RLUSwFtKZUVB2_Ur5BeeAxacJCj_QTxCD2WvupXBJY__A_C4_ZKKuF-jXq3DWiFD1xauMkYUmrJ9mi1TG9l8Hyy5lwIpe0kISJEUWu_Lrse0p5JYL2svAnQXL8-ABrn6je7ojPjawwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_193-GEdKigoHUGZE8H24Rj_SHCDA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:03 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3936499
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 59B5 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad8c30ae028238d5613d4b2509165d50c6064ef861ffdfc42055a3a7d4dfefc0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame A7E8 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALc2YKd5gUAAKUVQdekb-anMt0hqh8uA&u=%7CBcUvdQ6mckh8fiw%2BukfhNcoCgakAkpZ%2FdduGjNiXo%2Bs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVJWU8AYvH1R5yy17KXfHzsKAteVvS0JhIzCOGcQvZdnvCUW7XdoWT7KRiB8o5Z-Fanxoz_V4U67qKtKX0Xmxk2sJDq2LMcgmg1KbEE6ReCQeuKcBXVby6TIHqFpkxfZTQB_rTDVHXbUiGXf80lUfwUydP9Y1y_3Rljwwz687pj6K3eeXJYa_4d1NsUd-2xYxv5cWiHGmuLucBB8IooisG2dLg47awoaKoci6Z1iwmUAKAUZdaUCmtTNqurL9bhgz0hfC7jK6qDvFpAt94F0JSMzXRGd2KuFiH3zZYuAVGQaThERnT8LpXP9_gjX-v8Q0RuZL6QN_vaPk6SL3pWwGTp4A85wDaMWPT4OtP76xB0NbO89gKDuId_GnDe8YCI8JGwjnZeDDkabrv9K1MaKCQXG&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcQL-cib3YubmLZSw3gPVqIrAB8me0rFczfHi3YgBwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgS7AU_QEdG8rmChitNYZerP6krUmo9s4B8EZiJ_QsrufOTTJYL3ry0bn--hboe3h3vYfiwedLo_xT927o_Oc-FpK91XBuP85UJw1vVbuLZ2vVDot06lEiRE2kMMgbfP5pB5RLUSwFtKZUVB2_Ur5BeeAxacJCj_QTxCD2WvupXBJY__A_C4_ZKKuF-jXq3DWiFD1xauMkYUmrJ9mi1TG9l8Hyy5lwIpe0kISJEUWu_Lrse0p5JYL2svAnQXL8-ABrn6je7ojPjawwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_193-GEdKigoHUGZE8H24Rj_SHCDA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
215303
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qt8HSCHGafK1e6tgJpzRsbyDd880exifkOAdLWdSzwjCs1pAI0k5Uui6gIEUIDIj4P4H1Nm3xws%2Bhbw5wfiwP5fih5bFM2NYzm5yp4UrSWNzQICyrkSM2FNDHmxv%2Bh8y7g9zFYuIE1N7I0BLV5gHFIN4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
739ea7f278930635-LHR
expires
Thu, 03 Aug 2023 04:20:03 GMT
animejs.js
static.criteo.net/animejs/ Frame A7E8 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALc2YKd5gUAAKUVQdekb-anMt0hqh8uA&u=%7CBcUvdQ6mckh8fiw%2BukfhNcoCgakAkpZ%2FdduGjNiXo%2Bs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVJWU8AYvH1R5yy17KXfHzsKAteVvS0JhIzCOGcQvZdnvCUW7XdoWT7KRiB8o5Z-Fanxoz_V4U67qKtKX0Xmxk2sJDq2LMcgmg1KbEE6ReCQeuKcBXVby6TIHqFpkxfZTQB_rTDVHXbUiGXf80lUfwUydP9Y1y_3Rljwwz687pj6K3eeXJYa_4d1NsUd-2xYxv5cWiHGmuLucBB8IooisG2dLg47awoaKoci6Z1iwmUAKAUZdaUCmtTNqurL9bhgz0hfC7jK6qDvFpAt94F0JSMzXRGd2KuFiH3zZYuAVGQaThERnT8LpXP9_gjX-v8Q0RuZL6QN_vaPk6SL3pWwGTp4A85wDaMWPT4OtP76xB0NbO89gKDuId_GnDe8YCI8JGwjnZeDDkabrv9K1MaKCQXG&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcQL-cib3YubmLZSw3gPVqIrAB8me0rFczfHi3YgBwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgS7AU_QEdG8rmChitNYZerP6krUmo9s4B8EZiJ_QsrufOTTJYL3ry0bn--hboe3h3vYfiwedLo_xT927o_Oc-FpK91XBuP85UJw1vVbuLZ2vVDot06lEiRE2kMMgbfP5pB5RLUSwFtKZUVB2_Ur5BeeAxacJCj_QTxCD2WvupXBJY__A_C4_ZKKuF-jXq3DWiFD1xauMkYUmrJ9mi1TG9l8Hyy5lwIpe0kISJEUWu_Lrse0p5JYL2svAnQXL8-ABrn6je7ojPjawwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_193-GEdKigoHUGZE8H24Rj_SHCDA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 08 Aug 2023 04:20:03 GMT
img
pix.eu.criteo.net/img/ Frame A7E8 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=35641&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F35643%2F200515%2F787697b7fe984fe49ac189fc092e0972_my-protein-logo-2000x2000-white.png&v=3&w=196&s=01omjkono1-i6x_wzabm4TI1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALc2YKd5gUAAKUVQdekb-anMt0hqh8uA&u=%7CBcUvdQ6mckh8fiw%2BukfhNcoCgakAkpZ%2FdduGjNiXo%2Bs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVJWU8AYvH1R5yy17KXfHzsKAteVvS0JhIzCOGcQvZdnvCUW7XdoWT7KRiB8o5Z-Fanxoz_V4U67qKtKX0Xmxk2sJDq2LMcgmg1KbEE6ReCQeuKcBXVby6TIHqFpkxfZTQB_rTDVHXbUiGXf80lUfwUydP9Y1y_3Rljwwz687pj6K3eeXJYa_4d1NsUd-2xYxv5cWiHGmuLucBB8IooisG2dLg47awoaKoci6Z1iwmUAKAUZdaUCmtTNqurL9bhgz0hfC7jK6qDvFpAt94F0JSMzXRGd2KuFiH3zZYuAVGQaThERnT8LpXP9_gjX-v8Q0RuZL6QN_vaPk6SL3pWwGTp4A85wDaMWPT4OtP76xB0NbO89gKDuId_GnDe8YCI8JGwjnZeDDkabrv9K1MaKCQXG&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcQL-cib3YubmLZSw3gPVqIrAB8me0rFczfHi3YgBwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgS7AU_QEdG8rmChitNYZerP6krUmo9s4B8EZiJ_QsrufOTTJYL3ry0bn--hboe3h3vYfiwedLo_xT927o_Oc-FpK91XBuP85UJw1vVbuLZ2vVDot06lEiRE2kMMgbfP5pB5RLUSwFtKZUVB2_Ur5BeeAxacJCj_QTxCD2WvupXBJY__A_C4_ZKKuF-jXq3DWiFD1xauMkYUmrJ9mi1TG9l8Hyy5lwIpe0kISJEUWu_Lrse0p5JYL2svAnQXL8-ABrn6je7ojPjawwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_193-GEdKigoHUGZE8H24Rj_SHCDA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
1fa16b01e976d07660ebbecb42fa90fe390d9560e32e65832aa2873b4988ba12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29368551
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
7399
expires
Wed, 19 Jul 2023 02:15:54 GMT
img
pix.eu.criteo.net/img/ Frame A7E8 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=35641&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F35641%2F211229%2Fc090e6ee9cd0448997139c3d7d99a32d_img_horizontal_1.png&v=3&w=1200&s=j03aiPlbzd5huTF9xusbhz0-
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALc2YKd5gUAAKUVQdekb-anMt0hqh8uA&u=%7CBcUvdQ6mckh8fiw%2BukfhNcoCgakAkpZ%2FdduGjNiXo%2Bs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVJWU8AYvH1R5yy17KXfHzsKAteVvS0JhIzCOGcQvZdnvCUW7XdoWT7KRiB8o5Z-Fanxoz_V4U67qKtKX0Xmxk2sJDq2LMcgmg1KbEE6ReCQeuKcBXVby6TIHqFpkxfZTQB_rTDVHXbUiGXf80lUfwUydP9Y1y_3Rljwwz687pj6K3eeXJYa_4d1NsUd-2xYxv5cWiHGmuLucBB8IooisG2dLg47awoaKoci6Z1iwmUAKAUZdaUCmtTNqurL9bhgz0hfC7jK6qDvFpAt94F0JSMzXRGd2KuFiH3zZYuAVGQaThERnT8LpXP9_gjX-v8Q0RuZL6QN_vaPk6SL3pWwGTp4A85wDaMWPT4OtP76xB0NbO89gKDuId_GnDe8YCI8JGwjnZeDDkabrv9K1MaKCQXG&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcQL-cib3YubmLZSw3gPVqIrAB8me0rFczfHi3YgBwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgS7AU_QEdG8rmChitNYZerP6krUmo9s4B8EZiJ_QsrufOTTJYL3ry0bn--hboe3h3vYfiwedLo_xT927o_Oc-FpK91XBuP85UJw1vVbuLZ2vVDot06lEiRE2kMMgbfP5pB5RLUSwFtKZUVB2_Ur5BeeAxacJCj_QTxCD2WvupXBJY__A_C4_ZKKuF-jXq3DWiFD1xauMkYUmrJ9mi1TG9l8Hyy5lwIpe0kISJEUWu_Lrse0p5JYL2svAnQXL8-ABrn6je7ojPjawwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_193-GEdKigoHUGZE8H24Rj_SHCDA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f359ce241c87d02ff076f9162c0b4b3467c56255517018a2930941de7ad09e34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30681700
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
26788
expires
Thu, 03 Aug 2023 07:01:43 GMT
img
pix.eu.criteo.net/img/ Frame A7E8 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=35641&q=80&r=0&u=https%3A%2F%2Fs4.thcdn.com%2F%2Fproductimg%2F960%2F960%2F12767049-1184878561521970.jpg&v=3&w=800&s=lT9MeK8NRNBn-Hz3twqPDNp_&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALc2YKd5gUAAKUVQdekb-anMt0hqh8uA&u=%7CBcUvdQ6mckh8fiw%2BukfhNcoCgakAkpZ%2FdduGjNiXo%2Bs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVJWU8AYvH1R5yy17KXfHzsKAteVvS0JhIzCOGcQvZdnvCUW7XdoWT7KRiB8o5Z-Fanxoz_V4U67qKtKX0Xmxk2sJDq2LMcgmg1KbEE6ReCQeuKcBXVby6TIHqFpkxfZTQB_rTDVHXbUiGXf80lUfwUydP9Y1y_3Rljwwz687pj6K3eeXJYa_4d1NsUd-2xYxv5cWiHGmuLucBB8IooisG2dLg47awoaKoci6Z1iwmUAKAUZdaUCmtTNqurL9bhgz0hfC7jK6qDvFpAt94F0JSMzXRGd2KuFiH3zZYuAVGQaThERnT8LpXP9_gjX-v8Q0RuZL6QN_vaPk6SL3pWwGTp4A85wDaMWPT4OtP76xB0NbO89gKDuId_GnDe8YCI8JGwjnZeDDkabrv9K1MaKCQXG&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcQL-cib3YubmLZSw3gPVqIrAB8me0rFczfHi3YgBwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgS7AU_QEdG8rmChitNYZerP6krUmo9s4B8EZiJ_QsrufOTTJYL3ry0bn--hboe3h3vYfiwedLo_xT927o_Oc-FpK91XBuP85UJw1vVbuLZ2vVDot06lEiRE2kMMgbfP5pB5RLUSwFtKZUVB2_Ur5BeeAxacJCj_QTxCD2WvupXBJY__A_C4_ZKKuF-jXq3DWiFD1xauMkYUmrJ9mi1TG9l8Hyy5lwIpe0kISJEUWu_Lrse0p5JYL2svAnQXL8-ABrn6je7ojPjawwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_193-GEdKigoHUGZE8H24Rj_SHCDA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
d31de3c6c789f0c7c72cf09f38bfc1706e8852313697faadeba83e579b88c527
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29391721
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
7900
expires
Wed, 19 Jul 2023 08:42:04 GMT
img
pix.eu.criteo.net/img/ Frame A7E8 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=35641&q=80&r=0&u=https%3A%2F%2Fs4.thcdn.com%2F%2Fproductimg%2F960%2F960%2F10530638-1754904416415712.jpg&v=3&w=800&s=idb8QTtRt_ycfcMUf2u8LqJV&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALc2YKd5gUAAKUVQdekb-anMt0hqh8uA&u=%7CBcUvdQ6mckh8fiw%2BukfhNcoCgakAkpZ%2FdduGjNiXo%2Bs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVJWU8AYvH1R5yy17KXfHzsKAteVvS0JhIzCOGcQvZdnvCUW7XdoWT7KRiB8o5Z-Fanxoz_V4U67qKtKX0Xmxk2sJDq2LMcgmg1KbEE6ReCQeuKcBXVby6TIHqFpkxfZTQB_rTDVHXbUiGXf80lUfwUydP9Y1y_3Rljwwz687pj6K3eeXJYa_4d1NsUd-2xYxv5cWiHGmuLucBB8IooisG2dLg47awoaKoci6Z1iwmUAKAUZdaUCmtTNqurL9bhgz0hfC7jK6qDvFpAt94F0JSMzXRGd2KuFiH3zZYuAVGQaThERnT8LpXP9_gjX-v8Q0RuZL6QN_vaPk6SL3pWwGTp4A85wDaMWPT4OtP76xB0NbO89gKDuId_GnDe8YCI8JGwjnZeDDkabrv9K1MaKCQXG&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcQL-cib3YubmLZSw3gPVqIrAB8me0rFczfHi3YgBwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgS7AU_QEdG8rmChitNYZerP6krUmo9s4B8EZiJ_QsrufOTTJYL3ry0bn--hboe3h3vYfiwedLo_xT927o_Oc-FpK91XBuP85UJw1vVbuLZ2vVDot06lEiRE2kMMgbfP5pB5RLUSwFtKZUVB2_Ur5BeeAxacJCj_QTxCD2WvupXBJY__A_C4_ZKKuF-jXq3DWiFD1xauMkYUmrJ9mi1TG9l8Hyy5lwIpe0kISJEUWu_Lrse0p5JYL2svAnQXL8-ABrn6je7ojPjawwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_193-GEdKigoHUGZE8H24Rj_SHCDA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
58b31ff84a6db56a3957b39b98391934c10d4d4b9b72b3e2705987606f7fb2c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30968139
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
7798
expires
Sun, 06 Aug 2023 14:35:42 GMT
img
pix.eu.criteo.net/img/ Frame A7E8 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=35641&q=80&r=0&u=https%3A%2F%2Fs4.thcdn.com%2F%2Fproductimg%2F960%2F960%2F11871494-1974726119634029.jpg&v=3&w=800&s=TH-TekXC8UjfxNS5itjviLfo&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALc2YKd5gUAAKUVQdekb-anMt0hqh8uA&u=%7CBcUvdQ6mckh8fiw%2BukfhNcoCgakAkpZ%2FdduGjNiXo%2Bs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVJWU8AYvH1R5yy17KXfHzsKAteVvS0JhIzCOGcQvZdnvCUW7XdoWT7KRiB8o5Z-Fanxoz_V4U67qKtKX0Xmxk2sJDq2LMcgmg1KbEE6ReCQeuKcBXVby6TIHqFpkxfZTQB_rTDVHXbUiGXf80lUfwUydP9Y1y_3Rljwwz687pj6K3eeXJYa_4d1NsUd-2xYxv5cWiHGmuLucBB8IooisG2dLg47awoaKoci6Z1iwmUAKAUZdaUCmtTNqurL9bhgz0hfC7jK6qDvFpAt94F0JSMzXRGd2KuFiH3zZYuAVGQaThERnT8LpXP9_gjX-v8Q0RuZL6QN_vaPk6SL3pWwGTp4A85wDaMWPT4OtP76xB0NbO89gKDuId_GnDe8YCI8JGwjnZeDDkabrv9K1MaKCQXG&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcQL-cib3YubmLZSw3gPVqIrAB8me0rFczfHi3YgBwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgS7AU_QEdG8rmChitNYZerP6krUmo9s4B8EZiJ_QsrufOTTJYL3ry0bn--hboe3h3vYfiwedLo_xT927o_Oc-FpK91XBuP85UJw1vVbuLZ2vVDot06lEiRE2kMMgbfP5pB5RLUSwFtKZUVB2_Ur5BeeAxacJCj_QTxCD2WvupXBJY__A_C4_ZKKuF-jXq3DWiFD1xauMkYUmrJ9mi1TG9l8Hyy5lwIpe0kISJEUWu_Lrse0p5JYL2svAnQXL8-ABrn6je7ojPjawwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_193-GEdKigoHUGZE8H24Rj_SHCDA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
785a1a1fe994337ff18a08d6e32d37111fb6cc09e0938db1672957e4d2e76fae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28815545
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
4600
expires
Wed, 12 Jul 2023 16:39:09 GMT
all
csm.eu.criteo.net/ Frame A7E8 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=H9Wu3WpVwKlkWLS1dNkbY5ZirWs_HAvBLAl2VA4ALOTcg5bpNyz6tJGrd9uu8ra3RHkZPZT0sARRHXs8NMfTkCtvH8KBzIvtWxFopNRjN8UFhGIy-Gaz7tWL37hqM491_4HNQAMJcBFftJme3WVGsEEpLCbgyFWpSn6zzEs2NyfWcWfiihxPwvscnyaWpbWL_oadXvtS2-uBKXL7l6i3LrjnsjL78GEOdyxkX3yjwva0t-Liao069N5mrIB9yIeEaQXfPg&sds=2&rev=82415&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALc2YKd5gUAAKUVQdekb-anMt0hqh8uA&u=%7CBcUvdQ6mckh8fiw%2BukfhNcoCgakAkpZ%2FdduGjNiXo%2Bs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVJWU8AYvH1R5yy17KXfHzsKAteVvS0JhIzCOGcQvZdnvCUW7XdoWT7KRiB8o5Z-Fanxoz_V4U67qKtKX0Xmxk2sJDq2LMcgmg1KbEE6ReCQeuKcBXVby6TIHqFpkxfZTQB_rTDVHXbUiGXf80lUfwUydP9Y1y_3Rljwwz687pj6K3eeXJYa_4d1NsUd-2xYxv5cWiHGmuLucBB8IooisG2dLg47awoaKoci6Z1iwmUAKAUZdaUCmtTNqurL9bhgz0hfC7jK6qDvFpAt94F0JSMzXRGd2KuFiH3zZYuAVGQaThERnT8LpXP9_gjX-v8Q0RuZL6QN_vaPk6SL3pWwGTp4A85wDaMWPT4OtP76xB0NbO89gKDuId_GnDe8YCI8JGwjnZeDDkabrv9K1MaKCQXG&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcQL-cib3YubmLZSw3gPVqIrAB8me0rFczfHi3YgBwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgS7AU_QEdG8rmChitNYZerP6krUmo9s4B8EZiJ_QsrufOTTJYL3ry0bn--hboe3h3vYfiwedLo_xT927o_Oc-FpK91XBuP85UJw1vVbuLZ2vVDot06lEiRE2kMMgbfP5pB5RLUSwFtKZUVB2_Ur5BeeAxacJCj_QTxCD2WvupXBJY__A_C4_ZKKuF-jXq3DWiFD1xauMkYUmrJ9mi1TG9l8Hyy5lwIpe0kISJEUWu_Lrse0p5JYL2svAnQXL8-ABrn6je7ojPjawwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_193-GEdKigoHUGZE8H24Rj_SHCDA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 13 Aug 2022 04:20:03 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A7E8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALc2YKd5gUAAKUVQdekb-anMt0hqh8uA&u=%7CBcUvdQ6mckh8fiw%2BukfhNcoCgakAkpZ%2FdduGjNiXo%2Bs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVJWU8AYvH1R5yy17KXfHzsKAteVvS0JhIzCOGcQvZdnvCUW7XdoWT7KRiB8o5Z-Fanxoz_V4U67qKtKX0Xmxk2sJDq2LMcgmg1KbEE6ReCQeuKcBXVby6TIHqFpkxfZTQB_rTDVHXbUiGXf80lUfwUydP9Y1y_3Rljwwz687pj6K3eeXJYa_4d1NsUd-2xYxv5cWiHGmuLucBB8IooisG2dLg47awoaKoci6Z1iwmUAKAUZdaUCmtTNqurL9bhgz0hfC7jK6qDvFpAt94F0JSMzXRGd2KuFiH3zZYuAVGQaThERnT8LpXP9_gjX-v8Q0RuZL6QN_vaPk6SL3pWwGTp4A85wDaMWPT4OtP76xB0NbO89gKDuId_GnDe8YCI8JGwjnZeDDkabrv9K1MaKCQXG&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcQL-cib3YubmLZSw3gPVqIrAB8me0rFczfHi3YgBwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgS7AU_QEdG8rmChitNYZerP6krUmo9s4B8EZiJ_QsrufOTTJYL3ry0bn--hboe3h3vYfiwedLo_xT927o_Oc-FpK91XBuP85UJw1vVbuLZ2vVDot06lEiRE2kMMgbfP5pB5RLUSwFtKZUVB2_Ur5BeeAxacJCj_QTxCD2WvupXBJY__A_C4_ZKKuF-jXq3DWiFD1xauMkYUmrJ9mi1TG9l8Hyy5lwIpe0kISJEUWu_Lrse0p5JYL2svAnQXL8-ABrn6je7ojPjawwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_193-GEdKigoHUGZE8H24Rj_SHCDA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 08 Aug 2023 04:20:03 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame A7E8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALc2YKd5gUAAKUVQdekb-anMt0hqh8uA&u=%7CBcUvdQ6mckh8fiw%2BukfhNcoCgakAkpZ%2FdduGjNiXo%2Bs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVJWU8AYvH1R5yy17KXfHzsKAteVvS0JhIzCOGcQvZdnvCUW7XdoWT7KRiB8o5Z-Fanxoz_V4U67qKtKX0Xmxk2sJDq2LMcgmg1KbEE6ReCQeuKcBXVby6TIHqFpkxfZTQB_rTDVHXbUiGXf80lUfwUydP9Y1y_3Rljwwz687pj6K3eeXJYa_4d1NsUd-2xYxv5cWiHGmuLucBB8IooisG2dLg47awoaKoci6Z1iwmUAKAUZdaUCmtTNqurL9bhgz0hfC7jK6qDvFpAt94F0JSMzXRGd2KuFiH3zZYuAVGQaThERnT8LpXP9_gjX-v8Q0RuZL6QN_vaPk6SL3pWwGTp4A85wDaMWPT4OtP76xB0NbO89gKDuId_GnDe8YCI8JGwjnZeDDkabrv9K1MaKCQXG&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcQL-cib3YubmLZSw3gPVqIrAB8me0rFczfHi3YgBwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgS7AU_QEdG8rmChitNYZerP6krUmo9s4B8EZiJ_QsrufOTTJYL3ry0bn--hboe3h3vYfiwedLo_xT927o_Oc-FpK91XBuP85UJw1vVbuLZ2vVDot06lEiRE2kMMgbfP5pB5RLUSwFtKZUVB2_Ur5BeeAxacJCj_QTxCD2WvupXBJY__A_C4_ZKKuF-jXq3DWiFD1xauMkYUmrJ9mi1TG9l8Hyy5lwIpe0kISJEUWu_Lrse0p5JYL2svAnQXL8-ABrn6je7ojPjawwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_193-GEdKigoHUGZE8H24Rj_SHCDA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 08 Aug 2023 04:20:03 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/ 		150 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/reactive_library_fy2021.js?bust=31068911
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2773044261387404&plah=ihealth.in.ua&bust=31068911
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
89247e6d06195c3a5fc563ffe3f508fd304ef591c6453eafa907128d070f05f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ihealth.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54703
x-xss-protection
0
server
cafe
etag
8411131557768172363
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 Aug 2022 04:20:03 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ihealth.in.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2773044261387404&plah=ihealth.in.ua&bust=31068911
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ihealth.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 04:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ihealth.in.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2773044261387404&plah=ihealth.in.ua&bust=31068911
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ihealth.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 04:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7B7C 		31 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3040495612&pi=t.aa~a.3614320767~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=2&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=1538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RaIwdriJlj&p=https%3A//ihealth.in.ua&dtd=41
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2773044261387404&plah=ihealth.in.ua&bust=31068911
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7279466e27575aecb1113cb2637b591b9c3e8947f4ffd8315301258672e99abc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ihealth.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
12471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 04:20:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B929 		31 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3063602964&pi=t.aa~a.3614318550~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280&nras=4&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Nr8Rqbpt4v&p=https%3A//ihealth.in.ua&dtd=46
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2773044261387404&plah=ihealth.in.ua&bust=31068911
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df17149b11991597922f36bc5d3f7c67a633b896989f23cb64cff6da4c663051
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ihealth.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
12441
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 04:20:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7466 		30 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=2890494635&pi=t.aa~a.3614337803~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1842&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280&nras=5&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nquy9mWzcT&p=https%3A//ihealth.in.ua&dtd=51
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2773044261387404&plah=ihealth.in.ua&bust=31068911
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffebd1dd0cd478670124588b2d93b724fde70db13e6795988c018c42692a778c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ihealth.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
12238
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 04:20:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F74F 		31 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=1987554437&pi=t.aa~a.885858492~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=1&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280%2C362x280&nras=6&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=3636&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uwS3Uas8FP&p=https%3A//ihealth.in.ua&dtd=55
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2773044261387404&plah=ihealth.in.ua&bust=31068911
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f87cef5da83abce79c618bb876e2a71298c7f78e612aee83c45c06d2ac89edfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ihealth.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
12576
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 04:20:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame A7E8 		5 KB
691 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400%7CRoboto:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
45b4df3791f15848f459acfcdb947c967d32a2ab208189ad19236126e23a8637
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 13 Aug 2022 04:20:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 13 Aug 2022 04:20:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Aug 2022 04:20:03 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/ Frame 8E88 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2773044261387404&plah=ihealth.in.ua&bust=31068911
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ihealth.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
8379
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 02:00:24 GMT
etag
8616628553774171045
expires
Sat, 27 Aug 2022 02:00:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/ Frame 07EC 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2773044261387404&plah=ihealth.in.ua&bust=31068911
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ihealth.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
8379
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 02:00:24 GMT
etag
8616628553774171045
expires
Sat, 27 Aug 2022 02:00:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 8E88 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 13 Aug 2022 03:17:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 13 Aug 2022 04:20:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Aug 2022 04:20:03 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8E88 		205 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 01:12:08 GMT
x-content-type-options
nosniff
age
11275
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 13 Aug 2023 01:12:08 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8E88 		604 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:11:04 GMT
x-content-type-options
nosniff
age
539
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 13 Aug 2023 04:11:04 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame 8E88 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00c71abef781583241b6ff6df83c3e4f84267becf1df03c3a8bf712e14b4f0a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:48:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1873
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8368
x-xss-protection
0
server
cafe
etag
14969459707636190018
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 03:48:50 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 07EC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Ciyjacib3YsfNLZfe3wPs7pmYB8me0rFcpfyT93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNzczMDQ0MjYxMzg3NDA0oAHVttLqA8gBCakCsYCKU3M2sT6oAwGqBLgBT9DR4qKmWjgI6NzKSQbOSOu4bOwJDqPs6_KxI7Is9g2oXDGTw_UMyg9dRR6T8qHxMtqz4uiEtlEptAC1SlLeOSV66svOthtjWVtDKPhvQFMlB7-0iUPvXbzOI-H7s7FcRpvPeKyvp3sPZig1XoZBZWz0AjJWUhKzbWvc44WgRW83mNsgYZqN2BO0fEVqNrKBrPBXEFTeyjPMsPmTNeteyoVrFic0S_XJkJM7NEM5gPvKIhkPk847LoAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjc3MzA0NDI2MTM4NzQwNBgA&sigh=X1iuUoyg1Aw&uach_m=[UACH]&cid=CAQSGwCsnQUxy_D7AxUnai4KasC0ksCTcCtKRrmcGxgB
Requested by
Host: ihealth.in.ua
URL: https://ihealth.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 13 Aug 2022 04:20:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 07EC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kJCTFMz6RO0HfJ2DYgICAAAAUtFPjcIDJGYQcib3Yg783pmlfeuF5to7ABIAAA&wp=YvcmcgALZscKd-8XAAZ3bGEnAvB0Hl-FYNPugw
Requested by
Host: ihealth.in.ua
URL: https://ihealth.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
server
Kestrel
server-processing-duration-in-ticks
296498
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 0C1E 		173 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALZscKd-8XAAZ3bGEnAvB0Hl-FYNPugw&u=%7CBcUvdQ6mcki6glVu19E16Cjw40NNTzvQDAy3360aHgw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRoSRGLELBQED9WGHkdfKXQj5cUqetjeJb7JfhZstsH_b8bS4eiXOAqsmNiJCf8NnL3fJyw467QR4QWjCaVi0RClOP7IdDASgGhU4z8p25gNQN37bLbML3BF7n7P_BFtxGcnxhVpbsmnfizS5C9BdRpXpO_kAKiapPEc7f0rd9mi9nH2dB_qPsQ2x2jV7aUIsTyYqjUioO0LqFFHQyVlAZWBB3sr5fe9ixhX3hkYRMsyaYzttKSAhtjztZSjdo5hJYyVthVGKFTMDkOeBLupnKajjHBdFLdaYUgpC3GeGmhQ_a336ZsnmzY30I2tGunNYZDeeRioGdC6IHd6ah6-XUkooBDO4_WCoaFrhUhmjXnmH3xDDtrCHnZnXAtcb48IfRixYVmWxKbDcOOdwn32WmE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNlyKcib3YsfNLZfe3wPs7pmYB8me0rFcpfyT93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNzczMDQ0MjYxMzg3NDA0oAHVttLqA8gBCakCsYCKU3M2sT6oAwGqBLsBT9DR4qKmWjgI6NzKSQbOSOu4bOwJDqPs6_KxI7Is9g2oXDGTw_UMyg9dRR6T8qHxMtqz4uiEtlEptAC1SlLeOSV66svOthtjWVtDKPhvQFMlB7-0iUPvXbzOI-H7s7FcRpvPeKyvp3sPZig1XoZBZWz0AjJWUhKzbWvc44WgRW83mNsgYZqN2BO0fEVqNrKBrPAVEnVMTbxQo0YPIUiO9yOTHzM-_f_niBGP_H6fckTUDgGKOUookWBQXYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Bekwl7L1fAAtQgN0fM6e825zZEA%26client%3Dca-pub-2773044261387404%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
fb8d3c65e9530140a542310a506cbdae7aa0745883b90b451bdae70773f83be9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 04:20:03 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=n-GT8mpVwKlkWLS1V_ONg9UCGeJagIQznJvaSKjWv80EsVNeRcf6IikTGHCmCZBfgA9OTqeg2IZ-zkA5I1chby3_9C3yZIMNi7t1RTpycHKJSjmBO9ZHCa1XmuXxKZsIiOwK1evzuZDi9cG1clo-ampm1hmTMUbakhd8eRnhpuk_uxlHMhD8eWFvZQZgMRwLz3pH-TTl2PCiFpkTNTdge2RXF7AI5UpRqoM2i1p41LNrSxhyFKDth1g6y22vlH7-aw2m8g"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
102452970
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 07EC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:07:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
767
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 04:07:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 07EC 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:08:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 04:08:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 07EC 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Aug 2022 04:20:03 GMT
css
fonts.googleapis.com/ Frame 8FCA 		6 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 13 Aug 2022 03:18:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 13 Aug 2022 04:20:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Aug 2022 04:20:03 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 8FCA 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:24:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3323
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 03:24:40 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame 8FCA 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:02:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1034
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 04:02:49 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 8FCA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:07:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
767
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 04:07:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 8FCA 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:08:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 04:08:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8FCA 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Aug 2022 04:20:03 GMT
8b4497fa63e027c9bb788e6248932fc0.js
www.gstatic.com/mysidia/ Frame 8FCA 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 14:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
397151
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13370
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 21:59:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 06 Nov 2022 14:00:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A7E8 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400%7CRoboto:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 08:01:51 GMT
x-content-type-options
nosniff
age
159492
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Aug 2023 08:01:51 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A7E8 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400%7CRoboto:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 05:29:41 GMT
x-content-type-options
nosniff
age
514222
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 07 Aug 2023 05:29:41 GMT
NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
fonts.gstatic.com/s/titilliumweb/v15/ Frame A7E8 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400%7CRoboto:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 19:26:04 GMT
x-content-type-options
nosniff
age
204839
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12372
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:19:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Aug 2023 19:26:04 GMT
truncated
/ Frame 07EC 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4f618b9e0091199bbfd4c088ebd6c42133b777fd94ac324bfea268372e26e7a

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 0C1E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALZscKd-8XAAZ3bGEnAvB0Hl-FYNPugw&u=%7CBcUvdQ6mcki6glVu19E16Cjw40NNTzvQDAy3360aHgw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRoSRGLELBQED9WGHkdfKXQj5cUqetjeJb7JfhZstsH_b8bS4eiXOAqsmNiJCf8NnL3fJyw467QR4QWjCaVi0RClOP7IdDASgGhU4z8p25gNQN37bLbML3BF7n7P_BFtxGcnxhVpbsmnfizS5C9BdRpXpO_kAKiapPEc7f0rd9mi9nH2dB_qPsQ2x2jV7aUIsTyYqjUioO0LqFFHQyVlAZWBB3sr5fe9ixhX3hkYRMsyaYzttKSAhtjztZSjdo5hJYyVthVGKFTMDkOeBLupnKajjHBdFLdaYUgpC3GeGmhQ_a336ZsnmzY30I2tGunNYZDeeRioGdC6IHd6ah6-XUkooBDO4_WCoaFrhUhmjXnmH3xDDtrCHnZnXAtcb48IfRixYVmWxKbDcOOdwn32WmE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNlyKcib3YsfNLZfe3wPs7pmYB8me0rFcpfyT93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNzczMDQ0MjYxMzg3NDA0oAHVttLqA8gBCakCsYCKU3M2sT6oAwGqBLsBT9DR4qKmWjgI6NzKSQbOSOu4bOwJDqPs6_KxI7Is9g2oXDGTw_UMyg9dRR6T8qHxMtqz4uiEtlEptAC1SlLeOSV66svOthtjWVtDKPhvQFMlB7-0iUPvXbzOI-H7s7FcRpvPeKyvp3sPZig1XoZBZWz0AjJWUhKzbWvc44WgRW83mNsgYZqN2BO0fEVqNrKBrPAVEnVMTbxQo0YPIUiO9yOTHzM-_f_niBGP_H6fckTUDgGKOUookWBQXYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Bekwl7L1fAAtQgN0fM6e825zZEA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 08 Aug 2023 04:20:03 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 0C1E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALZscKd-8XAAZ3bGEnAvB0Hl-FYNPugw&u=%7CBcUvdQ6mcki6glVu19E16Cjw40NNTzvQDAy3360aHgw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRoSRGLELBQED9WGHkdfKXQj5cUqetjeJb7JfhZstsH_b8bS4eiXOAqsmNiJCf8NnL3fJyw467QR4QWjCaVi0RClOP7IdDASgGhU4z8p25gNQN37bLbML3BF7n7P_BFtxGcnxhVpbsmnfizS5C9BdRpXpO_kAKiapPEc7f0rd9mi9nH2dB_qPsQ2x2jV7aUIsTyYqjUioO0LqFFHQyVlAZWBB3sr5fe9ixhX3hkYRMsyaYzttKSAhtjztZSjdo5hJYyVthVGKFTMDkOeBLupnKajjHBdFLdaYUgpC3GeGmhQ_a336ZsnmzY30I2tGunNYZDeeRioGdC6IHd6ah6-XUkooBDO4_WCoaFrhUhmjXnmH3xDDtrCHnZnXAtcb48IfRixYVmWxKbDcOOdwn32WmE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNlyKcib3YsfNLZfe3wPs7pmYB8me0rFcpfyT93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNzczMDQ0MjYxMzg3NDA0oAHVttLqA8gBCakCsYCKU3M2sT6oAwGqBLsBT9DR4qKmWjgI6NzKSQbOSOu4bOwJDqPs6_KxI7Is9g2oXDGTw_UMyg9dRR6T8qHxMtqz4uiEtlEptAC1SlLeOSV66svOthtjWVtDKPhvQFMlB7-0iUPvXbzOI-H7s7FcRpvPeKyvp3sPZig1XoZBZWz0AjJWUhKzbWvc44WgRW83mNsgYZqN2BO0fEVqNrKBrPAVEnVMTbxQo0YPIUiO9yOTHzM-_f_niBGP_H6fckTUDgGKOUookWBQXYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Bekwl7L1fAAtQgN0fM6e825zZEA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 08 Aug 2023 04:20:03 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 0C1E 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALZscKd-8XAAZ3bGEnAvB0Hl-FYNPugw&u=%7CBcUvdQ6mcki6glVu19E16Cjw40NNTzvQDAy3360aHgw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRoSRGLELBQED9WGHkdfKXQj5cUqetjeJb7JfhZstsH_b8bS4eiXOAqsmNiJCf8NnL3fJyw467QR4QWjCaVi0RClOP7IdDASgGhU4z8p25gNQN37bLbML3BF7n7P_BFtxGcnxhVpbsmnfizS5C9BdRpXpO_kAKiapPEc7f0rd9mi9nH2dB_qPsQ2x2jV7aUIsTyYqjUioO0LqFFHQyVlAZWBB3sr5fe9ixhX3hkYRMsyaYzttKSAhtjztZSjdo5hJYyVthVGKFTMDkOeBLupnKajjHBdFLdaYUgpC3GeGmhQ_a336ZsnmzY30I2tGunNYZDeeRioGdC6IHd6ah6-XUkooBDO4_WCoaFrhUhmjXnmH3xDDtrCHnZnXAtcb48IfRixYVmWxKbDcOOdwn32WmE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNlyKcib3YsfNLZfe3wPs7pmYB8me0rFcpfyT93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNzczMDQ0MjYxMzg3NDA0oAHVttLqA8gBCakCsYCKU3M2sT6oAwGqBLsBT9DR4qKmWjgI6NzKSQbOSOu4bOwJDqPs6_KxI7Is9g2oXDGTw_UMyg9dRR6T8qHxMtqz4uiEtlEptAC1SlLeOSV66svOthtjWVtDKPhvQFMlB7-0iUPvXbzOI-H7s7FcRpvPeKyvp3sPZig1XoZBZWz0AjJWUhKzbWvc44WgRW83mNsgYZqN2BO0fEVqNrKBrPAVEnVMTbxQo0YPIUiO9yOTHzM-_f_niBGP_H6fckTUDgGKOUookWBQXYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Bekwl7L1fAAtQgN0fM6e825zZEA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 08 Aug 2023 04:20:03 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 0C1E 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALZscKd-8XAAZ3bGEnAvB0Hl-FYNPugw&u=%7CBcUvdQ6mcki6glVu19E16Cjw40NNTzvQDAy3360aHgw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRoSRGLELBQED9WGHkdfKXQj5cUqetjeJb7JfhZstsH_b8bS4eiXOAqsmNiJCf8NnL3fJyw467QR4QWjCaVi0RClOP7IdDASgGhU4z8p25gNQN37bLbML3BF7n7P_BFtxGcnxhVpbsmnfizS5C9BdRpXpO_kAKiapPEc7f0rd9mi9nH2dB_qPsQ2x2jV7aUIsTyYqjUioO0LqFFHQyVlAZWBB3sr5fe9ixhX3hkYRMsyaYzttKSAhtjztZSjdo5hJYyVthVGKFTMDkOeBLupnKajjHBdFLdaYUgpC3GeGmhQ_a336ZsnmzY30I2tGunNYZDeeRioGdC6IHd6ah6-XUkooBDO4_WCoaFrhUhmjXnmH3xDDtrCHnZnXAtcb48IfRixYVmWxKbDcOOdwn32WmE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNlyKcib3YsfNLZfe3wPs7pmYB8me0rFcpfyT93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNzczMDQ0MjYxMzg3NDA0oAHVttLqA8gBCakCsYCKU3M2sT6oAwGqBLsBT9DR4qKmWjgI6NzKSQbOSOu4bOwJDqPs6_KxI7Is9g2oXDGTw_UMyg9dRR6T8qHxMtqz4uiEtlEptAC1SlLeOSV66svOthtjWVtDKPhvQFMlB7-0iUPvXbzOI-H7s7FcRpvPeKyvp3sPZig1XoZBZWz0AjJWUhKzbWvc44WgRW83mNsgYZqN2BO0fEVqNrKBrPAVEnVMTbxQo0YPIUiO9yOTHzM-_f_niBGP_H6fckTUDgGKOUookWBQXYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Bekwl7L1fAAtQgN0fM6e825zZEA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Tue, 08 Aug 2023 04:20:03 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 0C1E 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=d7j2lKRIYb2R1_pVszN_nNZuML0Hqis0CWEG6TcNZp1r2Fft_VSP0WfKkwUtd3e-3LAz5eMyajC6N4yC10JwEHQeqmT33ZbCicGo1ARx37fYRKNF1XjX53GXidFGisRpWP2ogrPa42soddUweoJ_3agN0O8A8VnUgf9iBhQp4xzeqxLz5-6dTrrUOtQiP00oAVrLIn4YOqNoTvXrW6FiBW_q8YRxTqvnx5zTaoUZKhRfLf5C8jUZwaKScWIXyS2u4XoPfF5oeIJ4vn_bfk3hScAwnxb_o_hOVnwLQOFFVK24E2pwcJLM_zsmd3MHR4TjYvgvip0TFjrUkbm8gOfMyIjFLpRF_GutFwc9EUxUcOMBtsDEWUFe8r4AqR28uYsytCkGcmXt0wDWjvCqyjciNM2G7pdGhcH5PF2zoywxH1JxMeMh
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALZscKd-8XAAZ3bGEnAvB0Hl-FYNPugw&u=%7CBcUvdQ6mcki6glVu19E16Cjw40NNTzvQDAy3360aHgw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRoSRGLELBQED9WGHkdfKXQj5cUqetjeJb7JfhZstsH_b8bS4eiXOAqsmNiJCf8NnL3fJyw467QR4QWjCaVi0RClOP7IdDASgGhU4z8p25gNQN37bLbML3BF7n7P_BFtxGcnxhVpbsmnfizS5C9BdRpXpO_kAKiapPEc7f0rd9mi9nH2dB_qPsQ2x2jV7aUIsTyYqjUioO0LqFFHQyVlAZWBB3sr5fe9ixhX3hkYRMsyaYzttKSAhtjztZSjdo5hJYyVthVGKFTMDkOeBLupnKajjHBdFLdaYUgpC3GeGmhQ_a336ZsnmzY30I2tGunNYZDeeRioGdC6IHd6ah6-XUkooBDO4_WCoaFrhUhmjXnmH3xDDtrCHnZnXAtcb48IfRixYVmWxKbDcOOdwn32WmE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNlyKcib3YsfNLZfe3wPs7pmYB8me0rFcpfyT93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNzczMDQ0MjYxMzg3NDA0oAHVttLqA8gBCakCsYCKU3M2sT6oAwGqBLsBT9DR4qKmWjgI6NzKSQbOSOu4bOwJDqPs6_KxI7Is9g2oXDGTw_UMyg9dRR6T8qHxMtqz4uiEtlEptAC1SlLeOSV66svOthtjWVtDKPhvQFMlB7-0iUPvXbzOI-H7s7FcRpvPeKyvp3sPZig1XoZBZWz0AjJWUhKzbWvc44WgRW83mNsgYZqN2BO0fEVqNrKBrPAVEnVMTbxQo0YPIUiO9yOTHzM-_f_niBGP_H6fckTUDgGKOUookWBQXYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Bekwl7L1fAAtQgN0fM6e825zZEA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:03 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2692748
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 0C1E 		0
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1660364403
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALZscKd-8XAAZ3bGEnAvB0Hl-FYNPugw&u=%7CBcUvdQ6mcki6glVu19E16Cjw40NNTzvQDAy3360aHgw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRoSRGLELBQED9WGHkdfKXQj5cUqetjeJb7JfhZstsH_b8bS4eiXOAqsmNiJCf8NnL3fJyw467QR4QWjCaVi0RClOP7IdDASgGhU4z8p25gNQN37bLbML3BF7n7P_BFtxGcnxhVpbsmnfizS5C9BdRpXpO_kAKiapPEc7f0rd9mi9nH2dB_qPsQ2x2jV7aUIsTyYqjUioO0LqFFHQyVlAZWBB3sr5fe9ixhX3hkYRMsyaYzttKSAhtjztZSjdo5hJYyVthVGKFTMDkOeBLupnKajjHBdFLdaYUgpC3GeGmhQ_a336ZsnmzY30I2tGunNYZDeeRioGdC6IHd6ah6-XUkooBDO4_WCoaFrhUhmjXnmH3xDDtrCHnZnXAtcb48IfRixYVmWxKbDcOOdwn32WmE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNlyKcib3YsfNLZfe3wPs7pmYB8me0rFcpfyT93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNzczMDQ0MjYxMzg3NDA0oAHVttLqA8gBCakCsYCKU3M2sT6oAwGqBLsBT9DR4qKmWjgI6NzKSQbOSOu4bOwJDqPs6_KxI7Is9g2oXDGTw_UMyg9dRR6T8qHxMtqz4uiEtlEptAC1SlLeOSV66svOthtjWVtDKPhvQFMlB7-0iUPvXbzOI-H7s7FcRpvPeKyvp3sPZig1XoZBZWz0AjJWUhKzbWvc44WgRW83mNsgYZqN2BO0fEVqNrKBrPAVEnVMTbxQo0YPIUiO9yOTHzM-_f_niBGP_H6fckTUDgGKOUookWBQXYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Bekwl7L1fAAtQgN0fM6e825zZEA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
via
1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P2
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
OJZHUKhiJJr6pJIYj1HaXseW6xlRtvibn-b8p8VxZ2FRmZmuHBLqgg==
expires
Thu, 01 Dec 1994 16:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 0C1E 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALZscKd-8XAAZ3bGEnAvB0Hl-FYNPugw&u=%7CBcUvdQ6mcki6glVu19E16Cjw40NNTzvQDAy3360aHgw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRoSRGLELBQED9WGHkdfKXQj5cUqetjeJb7JfhZstsH_b8bS4eiXOAqsmNiJCf8NnL3fJyw467QR4QWjCaVi0RClOP7IdDASgGhU4z8p25gNQN37bLbML3BF7n7P_BFtxGcnxhVpbsmnfizS5C9BdRpXpO_kAKiapPEc7f0rd9mi9nH2dB_qPsQ2x2jV7aUIsTyYqjUioO0LqFFHQyVlAZWBB3sr5fe9ixhX3hkYRMsyaYzttKSAhtjztZSjdo5hJYyVthVGKFTMDkOeBLupnKajjHBdFLdaYUgpC3GeGmhQ_a336ZsnmzY30I2tGunNYZDeeRioGdC6IHd6ah6-XUkooBDO4_WCoaFrhUhmjXnmH3xDDtrCHnZnXAtcb48IfRixYVmWxKbDcOOdwn32WmE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNlyKcib3YsfNLZfe3wPs7pmYB8me0rFcpfyT93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNzczMDQ0MjYxMzg3NDA0oAHVttLqA8gBCakCsYCKU3M2sT6oAwGqBLsBT9DR4qKmWjgI6NzKSQbOSOu4bOwJDqPs6_KxI7Is9g2oXDGTw_UMyg9dRR6T8qHxMtqz4uiEtlEptAC1SlLeOSV66svOthtjWVtDKPhvQFMlB7-0iUPvXbzOI-H7s7FcRpvPeKyvp3sPZig1XoZBZWz0AjJWUhKzbWvc44WgRW83mNsgYZqN2BO0fEVqNrKBrPAVEnVMTbxQo0YPIUiO9yOTHzM-_f_niBGP_H6fckTUDgGKOUookWBQXYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Bekwl7L1fAAtQgN0fM6e825zZEA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 08 Aug 2023 04:20:03 GMT
img
pix.eu.criteo.net/img/ Frame 0C1E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=244&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=196&s=OSVWZlqsAEjHj4o1uxJfPYMJ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALZscKd-8XAAZ3bGEnAvB0Hl-FYNPugw&u=%7CBcUvdQ6mcki6glVu19E16Cjw40NNTzvQDAy3360aHgw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRoSRGLELBQED9WGHkdfKXQj5cUqetjeJb7JfhZstsH_b8bS4eiXOAqsmNiJCf8NnL3fJyw467QR4QWjCaVi0RClOP7IdDASgGhU4z8p25gNQN37bLbML3BF7n7P_BFtxGcnxhVpbsmnfizS5C9BdRpXpO_kAKiapPEc7f0rd9mi9nH2dB_qPsQ2x2jV7aUIsTyYqjUioO0LqFFHQyVlAZWBB3sr5fe9ixhX3hkYRMsyaYzttKSAhtjztZSjdo5hJYyVthVGKFTMDkOeBLupnKajjHBdFLdaYUgpC3GeGmhQ_a336ZsnmzY30I2tGunNYZDeeRioGdC6IHd6ah6-XUkooBDO4_WCoaFrhUhmjXnmH3xDDtrCHnZnXAtcb48IfRixYVmWxKbDcOOdwn32WmE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNlyKcib3YsfNLZfe3wPs7pmYB8me0rFcpfyT93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNzczMDQ0MjYxMzg3NDA0oAHVttLqA8gBCakCsYCKU3M2sT6oAwGqBLsBT9DR4qKmWjgI6NzKSQbOSOu4bOwJDqPs6_KxI7Is9g2oXDGTw_UMyg9dRR6T8qHxMtqz4uiEtlEptAC1SlLeOSV66svOthtjWVtDKPhvQFMlB7-0iUPvXbzOI-H7s7FcRpvPeKyvp3sPZig1XoZBZWz0AjJWUhKzbWvc44WgRW83mNsgYZqN2BO0fEVqNrKBrPAVEnVMTbxQo0YPIUiO9yOTHzM-_f_niBGP_H6fckTUDgGKOUookWBQXYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Bekwl7L1fAAtQgN0fM6e825zZEA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30858913
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6722
expires
Sat, 05 Aug 2023 08:15:17 GMT
img
pix.eu.criteo.net/img/ Frame 0C1E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=400&s=mpSaavc37cTAcDERDSmhZdBJ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALZscKd-8XAAZ3bGEnAvB0Hl-FYNPugw&u=%7CBcUvdQ6mcki6glVu19E16Cjw40NNTzvQDAy3360aHgw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRoSRGLELBQED9WGHkdfKXQj5cUqetjeJb7JfhZstsH_b8bS4eiXOAqsmNiJCf8NnL3fJyw467QR4QWjCaVi0RClOP7IdDASgGhU4z8p25gNQN37bLbML3BF7n7P_BFtxGcnxhVpbsmnfizS5C9BdRpXpO_kAKiapPEc7f0rd9mi9nH2dB_qPsQ2x2jV7aUIsTyYqjUioO0LqFFHQyVlAZWBB3sr5fe9ixhX3hkYRMsyaYzttKSAhtjztZSjdo5hJYyVthVGKFTMDkOeBLupnKajjHBdFLdaYUgpC3GeGmhQ_a336ZsnmzY30I2tGunNYZDeeRioGdC6IHd6ah6-XUkooBDO4_WCoaFrhUhmjXnmH3xDDtrCHnZnXAtcb48IfRixYVmWxKbDcOOdwn32WmE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNlyKcib3YsfNLZfe3wPs7pmYB8me0rFcpfyT93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNzczMDQ0MjYxMzg3NDA0oAHVttLqA8gBCakCsYCKU3M2sT6oAwGqBLsBT9DR4qKmWjgI6NzKSQbOSOu4bOwJDqPs6_KxI7Is9g2oXDGTw_UMyg9dRR6T8qHxMtqz4uiEtlEptAC1SlLeOSV66svOthtjWVtDKPhvQFMlB7-0iUPvXbzOI-H7s7FcRpvPeKyvp3sPZig1XoZBZWz0AjJWUhKzbWvc44WgRW83mNsgYZqN2BO0fEVqNrKBrPAVEnVMTbxQo0YPIUiO9yOTHzM-_f_niBGP_H6fckTUDgGKOUookWBQXYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Bekwl7L1fAAtQgN0fM6e825zZEA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=672391
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1584
expires
Sat, 20 Aug 2022 23:06:35 GMT
img
pix.eu.criteo.net/img/ Frame 0C1E 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBKA_Bundeskriminalamt_4558DE.gif%3Feb%3D1&v=3&w=400&s=GVnKI3ywx2pDN-sz0JRgKSSP&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALZscKd-8XAAZ3bGEnAvB0Hl-FYNPugw&u=%7CBcUvdQ6mcki6glVu19E16Cjw40NNTzvQDAy3360aHgw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRoSRGLELBQED9WGHkdfKXQj5cUqetjeJb7JfhZstsH_b8bS4eiXOAqsmNiJCf8NnL3fJyw467QR4QWjCaVi0RClOP7IdDASgGhU4z8p25gNQN37bLbML3BF7n7P_BFtxGcnxhVpbsmnfizS5C9BdRpXpO_kAKiapPEc7f0rd9mi9nH2dB_qPsQ2x2jV7aUIsTyYqjUioO0LqFFHQyVlAZWBB3sr5fe9ixhX3hkYRMsyaYzttKSAhtjztZSjdo5hJYyVthVGKFTMDkOeBLupnKajjHBdFLdaYUgpC3GeGmhQ_a336ZsnmzY30I2tGunNYZDeeRioGdC6IHd6ah6-XUkooBDO4_WCoaFrhUhmjXnmH3xDDtrCHnZnXAtcb48IfRixYVmWxKbDcOOdwn32WmE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNlyKcib3YsfNLZfe3wPs7pmYB8me0rFcpfyT93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNzczMDQ0MjYxMzg3NDA0oAHVttLqA8gBCakCsYCKU3M2sT6oAwGqBLsBT9DR4qKmWjgI6NzKSQbOSOu4bOwJDqPs6_KxI7Is9g2oXDGTw_UMyg9dRR6T8qHxMtqz4uiEtlEptAC1SlLeOSV66svOthtjWVtDKPhvQFMlB7-0iUPvXbzOI-H7s7FcRpvPeKyvp3sPZig1XoZBZWz0AjJWUhKzbWvc44WgRW83mNsgYZqN2BO0fEVqNrKBrPAVEnVMTbxQo0YPIUiO9yOTHzM-_f_niBGP_H6fckTUDgGKOUookWBQXYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Bekwl7L1fAAtQgN0fM6e825zZEA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1902558
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1266
expires
Sun, 04 Sep 2022 04:49:22 GMT
img
pix.eu.criteo.net/img/ Frame 0C1E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F1%2FlogoStepStone-sucht-fur-das-Deutsche-Rote-Kreuz-295856DE-2203290822.gif%3Feb%3D1&v=3&w=400&s=Sub1ufbkaEPVL_nnvgia_tmB&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALZscKd-8XAAZ3bGEnAvB0Hl-FYNPugw&u=%7CBcUvdQ6mcki6glVu19E16Cjw40NNTzvQDAy3360aHgw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRoSRGLELBQED9WGHkdfKXQj5cUqetjeJb7JfhZstsH_b8bS4eiXOAqsmNiJCf8NnL3fJyw467QR4QWjCaVi0RClOP7IdDASgGhU4z8p25gNQN37bLbML3BF7n7P_BFtxGcnxhVpbsmnfizS5C9BdRpXpO_kAKiapPEc7f0rd9mi9nH2dB_qPsQ2x2jV7aUIsTyYqjUioO0LqFFHQyVlAZWBB3sr5fe9ixhX3hkYRMsyaYzttKSAhtjztZSjdo5hJYyVthVGKFTMDkOeBLupnKajjHBdFLdaYUgpC3GeGmhQ_a336ZsnmzY30I2tGunNYZDeeRioGdC6IHd6ah6-XUkooBDO4_WCoaFrhUhmjXnmH3xDDtrCHnZnXAtcb48IfRixYVmWxKbDcOOdwn32WmE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNlyKcib3YsfNLZfe3wPs7pmYB8me0rFcpfyT93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNzczMDQ0MjYxMzg3NDA0oAHVttLqA8gBCakCsYCKU3M2sT6oAwGqBLsBT9DR4qKmWjgI6NzKSQbOSOu4bOwJDqPs6_KxI7Is9g2oXDGTw_UMyg9dRR6T8qHxMtqz4uiEtlEptAC1SlLeOSV66svOthtjWVtDKPhvQFMlB7-0iUPvXbzOI-H7s7FcRpvPeKyvp3sPZig1XoZBZWz0AjJWUhKzbWvc44WgRW83mNsgYZqN2BO0fEVqNrKBrPAVEnVMTbxQo0YPIUiO9yOTHzM-_f_niBGP_H6fckTUDgGKOUookWBQXYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Bekwl7L1fAAtQgN0fM6e825zZEA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e29ffeda170cb0752b062928f22de04adc1c9177706f50b9c6a9c96dc706bf61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1265720
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2742
expires
Sat, 27 Aug 2022 19:55:24 GMT
img
pix.eu.criteo.net/img/ Frame 0C1E 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDienstleistungs-Center-Halle-GmbH-DLC-Halle-153157DE.gif%3Feb%3D1&v=3&w=400&s=Y5UrGVI-PKzb_L9pX4wn0Fm8&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALZscKd-8XAAZ3bGEnAvB0Hl-FYNPugw&u=%7CBcUvdQ6mcki6glVu19E16Cjw40NNTzvQDAy3360aHgw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRoSRGLELBQED9WGHkdfKXQj5cUqetjeJb7JfhZstsH_b8bS4eiXOAqsmNiJCf8NnL3fJyw467QR4QWjCaVi0RClOP7IdDASgGhU4z8p25gNQN37bLbML3BF7n7P_BFtxGcnxhVpbsmnfizS5C9BdRpXpO_kAKiapPEc7f0rd9mi9nH2dB_qPsQ2x2jV7aUIsTyYqjUioO0LqFFHQyVlAZWBB3sr5fe9ixhX3hkYRMsyaYzttKSAhtjztZSjdo5hJYyVthVGKFTMDkOeBLupnKajjHBdFLdaYUgpC3GeGmhQ_a336ZsnmzY30I2tGunNYZDeeRioGdC6IHd6ah6-XUkooBDO4_WCoaFrhUhmjXnmH3xDDtrCHnZnXAtcb48IfRixYVmWxKbDcOOdwn32WmE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNlyKcib3YsfNLZfe3wPs7pmYB8me0rFcpfyT93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNzczMDQ0MjYxMzg3NDA0oAHVttLqA8gBCakCsYCKU3M2sT6oAwGqBLsBT9DR4qKmWjgI6NzKSQbOSOu4bOwJDqPs6_KxI7Is9g2oXDGTw_UMyg9dRR6T8qHxMtqz4uiEtlEptAC1SlLeOSV66svOthtjWVtDKPhvQFMlB7-0iUPvXbzOI-H7s7FcRpvPeKyvp3sPZig1XoZBZWz0AjJWUhKzbWvc44WgRW83mNsgYZqN2BO0fEVqNrKBrPAVEnVMTbxQo0YPIUiO9yOTHzM-_f_niBGP_H6fckTUDgGKOUookWBQXYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Bekwl7L1fAAtQgN0fM6e825zZEA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5f5654d3095dcc7a871f7d4c1355b2c9eea3eb0d8f72f87e65b0cf51961aefd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=570289
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1382
expires
Fri, 19 Aug 2022 18:44:53 GMT
img
pix.eu.criteo.net/img/ Frame 0C1E 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F0%2FlogoLowenstein-Medical-GmbH-Co-KG-74111DE-2105110848.gif%3Feb%3D1&v=3&w=400&s=2-_TANSLS_KEsZlOLAgpT42z&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALZscKd-8XAAZ3bGEnAvB0Hl-FYNPugw&u=%7CBcUvdQ6mcki6glVu19E16Cjw40NNTzvQDAy3360aHgw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRoSRGLELBQED9WGHkdfKXQj5cUqetjeJb7JfhZstsH_b8bS4eiXOAqsmNiJCf8NnL3fJyw467QR4QWjCaVi0RClOP7IdDASgGhU4z8p25gNQN37bLbML3BF7n7P_BFtxGcnxhVpbsmnfizS5C9BdRpXpO_kAKiapPEc7f0rd9mi9nH2dB_qPsQ2x2jV7aUIsTyYqjUioO0LqFFHQyVlAZWBB3sr5fe9ixhX3hkYRMsyaYzttKSAhtjztZSjdo5hJYyVthVGKFTMDkOeBLupnKajjHBdFLdaYUgpC3GeGmhQ_a336ZsnmzY30I2tGunNYZDeeRioGdC6IHd6ah6-XUkooBDO4_WCoaFrhUhmjXnmH3xDDtrCHnZnXAtcb48IfRixYVmWxKbDcOOdwn32WmE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNlyKcib3YsfNLZfe3wPs7pmYB8me0rFcpfyT93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNzczMDQ0MjYxMzg3NDA0oAHVttLqA8gBCakCsYCKU3M2sT6oAwGqBLsBT9DR4qKmWjgI6NzKSQbOSOu4bOwJDqPs6_KxI7Is9g2oXDGTw_UMyg9dRR6T8qHxMtqz4uiEtlEptAC1SlLeOSV66svOthtjWVtDKPhvQFMlB7-0iUPvXbzOI-H7s7FcRpvPeKyvp3sPZig1XoZBZWz0AjJWUhKzbWvc44WgRW83mNsgYZqN2BO0fEVqNrKBrPAVEnVMTbxQo0YPIUiO9yOTHzM-_f_niBGP_H6fckTUDgGKOUookWBQXYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Bekwl7L1fAAtQgN0fM6e825zZEA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
12d6f2cc08c97c56eed865540784456fab04f1511531765d785585a7b90093f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1264165
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3486
expires
Sat, 27 Aug 2022 19:29:29 GMT
img
pix.eu.criteo.net/img/ Frame 0C1E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoLebensWelt-Kindertagesstaette-Reinickendorf-gGmbH-230534DE.gif%3Feb%3D1&v=3&w=400&s=N1PDOxELn27nCI7e2jXHfemc&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALZscKd-8XAAZ3bGEnAvB0Hl-FYNPugw&u=%7CBcUvdQ6mcki6glVu19E16Cjw40NNTzvQDAy3360aHgw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRoSRGLELBQED9WGHkdfKXQj5cUqetjeJb7JfhZstsH_b8bS4eiXOAqsmNiJCf8NnL3fJyw467QR4QWjCaVi0RClOP7IdDASgGhU4z8p25gNQN37bLbML3BF7n7P_BFtxGcnxhVpbsmnfizS5C9BdRpXpO_kAKiapPEc7f0rd9mi9nH2dB_qPsQ2x2jV7aUIsTyYqjUioO0LqFFHQyVlAZWBB3sr5fe9ixhX3hkYRMsyaYzttKSAhtjztZSjdo5hJYyVthVGKFTMDkOeBLupnKajjHBdFLdaYUgpC3GeGmhQ_a336ZsnmzY30I2tGunNYZDeeRioGdC6IHd6ah6-XUkooBDO4_WCoaFrhUhmjXnmH3xDDtrCHnZnXAtcb48IfRixYVmWxKbDcOOdwn32WmE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNlyKcib3YsfNLZfe3wPs7pmYB8me0rFcpfyT93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNzczMDQ0MjYxMzg3NDA0oAHVttLqA8gBCakCsYCKU3M2sT6oAwGqBLsBT9DR4qKmWjgI6NzKSQbOSOu4bOwJDqPs6_KxI7Is9g2oXDGTw_UMyg9dRR6T8qHxMtqz4uiEtlEptAC1SlLeOSV66svOthtjWVtDKPhvQFMlB7-0iUPvXbzOI-H7s7FcRpvPeKyvp3sPZig1XoZBZWz0AjJWUhKzbWvc44WgRW83mNsgYZqN2BO0fEVqNrKBrPAVEnVMTbxQo0YPIUiO9yOTHzM-_f_niBGP_H6fckTUDgGKOUookWBQXYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Bekwl7L1fAAtQgN0fM6e825zZEA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
92ea73bf1dfdbbac475dc32ecbe4e247b1a5fad35a9e934f037868281e7b6712
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=2462994
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2005
expires
Sat, 10 Sep 2022 16:29:58 GMT
img
pix.eu.criteo.net/img/ Frame 0C1E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoHoliday-Inn-Express-Erlangen-271934DE-2108060827.gif%3Feb%3D1&v=3&w=400&s=IdoF0r_hnn-JX2pDJtuhbl4E&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALZscKd-8XAAZ3bGEnAvB0Hl-FYNPugw&u=%7CBcUvdQ6mcki6glVu19E16Cjw40NNTzvQDAy3360aHgw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRoSRGLELBQED9WGHkdfKXQj5cUqetjeJb7JfhZstsH_b8bS4eiXOAqsmNiJCf8NnL3fJyw467QR4QWjCaVi0RClOP7IdDASgGhU4z8p25gNQN37bLbML3BF7n7P_BFtxGcnxhVpbsmnfizS5C9BdRpXpO_kAKiapPEc7f0rd9mi9nH2dB_qPsQ2x2jV7aUIsTyYqjUioO0LqFFHQyVlAZWBB3sr5fe9ixhX3hkYRMsyaYzttKSAhtjztZSjdo5hJYyVthVGKFTMDkOeBLupnKajjHBdFLdaYUgpC3GeGmhQ_a336ZsnmzY30I2tGunNYZDeeRioGdC6IHd6ah6-XUkooBDO4_WCoaFrhUhmjXnmH3xDDtrCHnZnXAtcb48IfRixYVmWxKbDcOOdwn32WmE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNlyKcib3YsfNLZfe3wPs7pmYB8me0rFcpfyT93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNzczMDQ0MjYxMzg3NDA0oAHVttLqA8gBCakCsYCKU3M2sT6oAwGqBLsBT9DR4qKmWjgI6NzKSQbOSOu4bOwJDqPs6_KxI7Is9g2oXDGTw_UMyg9dRR6T8qHxMtqz4uiEtlEptAC1SlLeOSV66svOthtjWVtDKPhvQFMlB7-0iUPvXbzOI-H7s7FcRpvPeKyvp3sPZig1XoZBZWz0AjJWUhKzbWvc44WgRW83mNsgYZqN2BO0fEVqNrKBrPAVEnVMTbxQo0YPIUiO9yOTHzM-_f_niBGP_H6fckTUDgGKOUookWBQXYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Bekwl7L1fAAtQgN0fM6e825zZEA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e26f3bb09473dea2b262c9a2fb61805e9d65b59cb5cd38bdc18641f3ae817ee7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
4010
expires
Tue, 08 Aug 2023 04:20:04 GMT
all
csm.eu.criteo.net/ Frame 0C1E 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=n-GT8mpVwKlkWLS1V_ONg9UCGeJagIQznJvaSKjWv80EsVNeRcf6IikTGHCmCZBfgA9OTqeg2IZ-zkA5I1chby3_9C3yZIMNi7t1RTpycHKJSjmBO9ZHCa1XmuXxKZsIiOwK1evzuZDi9cG1clo-ampm1hmTMUbakhd8eRnhpuk_uxlHMhD8eWFvZQZgMRwLz3pH-TTl2PCiFpkTNTdge2RXF7AI5UpRqoM2i1p41LNrSxhyFKDth1g6y22vlH7-aw2m8g&sds=2&rev=82415&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALZscKd-8XAAZ3bGEnAvB0Hl-FYNPugw&u=%7CBcUvdQ6mcki6glVu19E16Cjw40NNTzvQDAy3360aHgw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRoSRGLELBQED9WGHkdfKXQj5cUqetjeJb7JfhZstsH_b8bS4eiXOAqsmNiJCf8NnL3fJyw467QR4QWjCaVi0RClOP7IdDASgGhU4z8p25gNQN37bLbML3BF7n7P_BFtxGcnxhVpbsmnfizS5C9BdRpXpO_kAKiapPEc7f0rd9mi9nH2dB_qPsQ2x2jV7aUIsTyYqjUioO0LqFFHQyVlAZWBB3sr5fe9ixhX3hkYRMsyaYzttKSAhtjztZSjdo5hJYyVthVGKFTMDkOeBLupnKajjHBdFLdaYUgpC3GeGmhQ_a336ZsnmzY30I2tGunNYZDeeRioGdC6IHd6ah6-XUkooBDO4_WCoaFrhUhmjXnmH3xDDtrCHnZnXAtcb48IfRixYVmWxKbDcOOdwn32WmE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNlyKcib3YsfNLZfe3wPs7pmYB8me0rFcpfyT93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNzczMDQ0MjYxMzg3NDA0oAHVttLqA8gBCakCsYCKU3M2sT6oAwGqBLsBT9DR4qKmWjgI6NzKSQbOSOu4bOwJDqPs6_KxI7Is9g2oXDGTw_UMyg9dRR6T8qHxMtqz4uiEtlEptAC1SlLeOSV66svOthtjWVtDKPhvQFMlB7-0iUPvXbzOI-H7s7FcRpvPeKyvp3sPZig1XoZBZWz0AjJWUhKzbWvc44WgRW83mNsgYZqN2BO0fEVqNrKBrPAVEnVMTbxQo0YPIUiO9yOTHzM-_f_niBGP_H6fckTUDgGKOUookWBQXYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Bekwl7L1fAAtQgN0fM6e825zZEA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 13 Aug 2022 04:20:03 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0C1E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALZscKd-8XAAZ3bGEnAvB0Hl-FYNPugw&u=%7CBcUvdQ6mcki6glVu19E16Cjw40NNTzvQDAy3360aHgw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRoSRGLELBQED9WGHkdfKXQj5cUqetjeJb7JfhZstsH_b8bS4eiXOAqsmNiJCf8NnL3fJyw467QR4QWjCaVi0RClOP7IdDASgGhU4z8p25gNQN37bLbML3BF7n7P_BFtxGcnxhVpbsmnfizS5C9BdRpXpO_kAKiapPEc7f0rd9mi9nH2dB_qPsQ2x2jV7aUIsTyYqjUioO0LqFFHQyVlAZWBB3sr5fe9ixhX3hkYRMsyaYzttKSAhtjztZSjdo5hJYyVthVGKFTMDkOeBLupnKajjHBdFLdaYUgpC3GeGmhQ_a336ZsnmzY30I2tGunNYZDeeRioGdC6IHd6ah6-XUkooBDO4_WCoaFrhUhmjXnmH3xDDtrCHnZnXAtcb48IfRixYVmWxKbDcOOdwn32WmE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNlyKcib3YsfNLZfe3wPs7pmYB8me0rFcpfyT93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNzczMDQ0MjYxMzg3NDA0oAHVttLqA8gBCakCsYCKU3M2sT6oAwGqBLsBT9DR4qKmWjgI6NzKSQbOSOu4bOwJDqPs6_KxI7Is9g2oXDGTw_UMyg9dRR6T8qHxMtqz4uiEtlEptAC1SlLeOSV66svOthtjWVtDKPhvQFMlB7-0iUPvXbzOI-H7s7FcRpvPeKyvp3sPZig1XoZBZWz0AjJWUhKzbWvc44WgRW83mNsgYZqN2BO0fEVqNrKBrPAVEnVMTbxQo0YPIUiO9yOTHzM-_f_niBGP_H6fckTUDgGKOUookWBQXYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Bekwl7L1fAAtQgN0fM6e825zZEA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:04 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 08 Aug 2023 04:20:04 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 0C1E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALZscKd-8XAAZ3bGEnAvB0Hl-FYNPugw&u=%7CBcUvdQ6mcki6glVu19E16Cjw40NNTzvQDAy3360aHgw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRoSRGLELBQED9WGHkdfKXQj5cUqetjeJb7JfhZstsH_b8bS4eiXOAqsmNiJCf8NnL3fJyw467QR4QWjCaVi0RClOP7IdDASgGhU4z8p25gNQN37bLbML3BF7n7P_BFtxGcnxhVpbsmnfizS5C9BdRpXpO_kAKiapPEc7f0rd9mi9nH2dB_qPsQ2x2jV7aUIsTyYqjUioO0LqFFHQyVlAZWBB3sr5fe9ixhX3hkYRMsyaYzttKSAhtjztZSjdo5hJYyVthVGKFTMDkOeBLupnKajjHBdFLdaYUgpC3GeGmhQ_a336ZsnmzY30I2tGunNYZDeeRioGdC6IHd6ah6-XUkooBDO4_WCoaFrhUhmjXnmH3xDDtrCHnZnXAtcb48IfRixYVmWxKbDcOOdwn32WmE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNlyKcib3YsfNLZfe3wPs7pmYB8me0rFcpfyT93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNzczMDQ0MjYxMzg3NDA0oAHVttLqA8gBCakCsYCKU3M2sT6oAwGqBLsBT9DR4qKmWjgI6NzKSQbOSOu4bOwJDqPs6_KxI7Is9g2oXDGTw_UMyg9dRR6T8qHxMtqz4uiEtlEptAC1SlLeOSV66svOthtjWVtDKPhvQFMlB7-0iUPvXbzOI-H7s7FcRpvPeKyvp3sPZig1XoZBZWz0AjJWUhKzbWvc44WgRW83mNsgYZqN2BO0fEVqNrKBrPAVEnVMTbxQo0YPIUiO9yOTHzM-_f_niBGP_H6fckTUDgGKOUookWBQXYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Bekwl7L1fAAtQgN0fM6e825zZEA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:04 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 08 Aug 2023 04:20:04 GMT
ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js
pagead2.googlesyndication.com/bg/ Frame 925E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js
Requested by
Host: ihealth.in.ua
URL: https://ihealth.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a690357c8d157ad2a9f188ecdad238c37efbd7508124554e8b7ddf2986cb0188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 06:49:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
77457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13955
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Aug 2023 06:49:07 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 2F35 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CvoLBcyb3Yp29J6OKjuwP9-ebyAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEvQFP0FOku-TUHK3DX2YEm8-mx9qTmrtiFfWDTG8N_A71oCbsJsAovoiIx6zRQyM43b1-sLAJDh2imEbNKoh9HfH1DanrqD6LD2aSb-m-qhyt33jDDtIFH6LqJc-yTKCdWXFiTT2y5Sgcu5EWx2w7KDSsJ047cia5mHTlvUM8BiHz4zaUqhv-465msZXlyKeYkmZkD90W6Wunhc0m0dpAliy_dR511_8kNwXqbHFNR_heDgDf2wfT5NZHn0fSJReABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI3NzMwNDQyNjEzODc0MDQYAA&sigh=NX4C4cZrJCQ&uach_m=[UACH]&cid=CAQSOwCsnQUxO6M1VeI_QoY-HtEH5RbzhaKj-cWXcr7FXpdXpB_zf-di_r-Wnx3yLdwZ1J8iWoWdwkn_N_IzGAE
Requested by
Host: ihealth.in.ua
URL: https://ihealth.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3040495612&pi=t.aa~a.3614320767~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=2&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=1538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RaIwdriJlj&p=https%3A//ihealth.in.ua&dtd=41
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 13 Aug 2022 04:20:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 2F35 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gdmvzkxxezh57zwryshkpp0hs36rdbx96vb3q5fj35qs84p7ydct6k2x2kbtf6wwbxhkgd7161b3ase2gzfxgxgn26e4yhykf9wknarredxhb69zjfg7c5s4t39t3atpksch5w8vdak72qcjyftqa4hmpks065xy96hzhsz20vn9amcrnjz82fwygk5wsgzb2h8fcsnmep17cvna471j2tf2h0czw0b1dax0w6z82pdy6p4k3qn2w6dsn16zaewx9cq2nzb0p6hjn3sgdpwytpnmapvawr0j4esxdyq1bb5ynj37mkc3nfgkzdf5hneds1azp16xj2vxxeyhpn0tsshqgz506jt6qbf0kr8ytwn1xkyxm51cdh4qybqyxqq1b4y7e7mmrjjmxmdgq0s9y8&b=YvcmcwAJ3p0Hg4UjAAbz94arhJEsejFlhcw8nA
Requested by
Host: ihealth.in.ua
URL: https://ihealth.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 13 Aug 2022 04:20:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 8982 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jv6n0qndexe282pne0gh813f5a3jh58nh7k3gjj6ypdvh4rddd34xhhnbqpawnf1wqtm1sqrxnkybnbcnwxc4btpnhwwcb8ee9vc2f5r6twhvf69et97c2b81cfqacpk33509r5wjzrwm6sj69jw7763jpvwsrn4rs87nfqzs133p1kt8nyrd5ztvh00ztpest1ejngceshm1ccfy0peqtm6j27eenjt3xk2gepagp3hfgse16cz0f7zx509nb1xpwrd423st9ggzbwbdm0y5gtcam0ardxsnq2s8eqdmcj00w9879jszzwz63q7af6m4qc4326jnnvqw25jm341kabxph2wc50zz9g8aq2b5kz3fw985k80xhrh2r2qy9tenj2jfpt4411pw3drpwv2cn897g5fn3gj4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG-k4cyb3Yp29J6OKjuwP9-ebyAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0FOku-TUHK3DX2YEm8-mx9qTmrtiFfWDTG8N_A71oCbsJsAovoiIx6zRQyM43b1-sLAJDh2imEbNKoh9HfH1DanrqD6LD2aSb-m-qhyt33jDDtIFH6LqJc-yTKCdWXFiTT2y5Sgcu5EWx2w7KDSsJ047cia5mHTlvUM8BiHz4zaUqhv-465msZXlyKeYkmZkD90W6Wunx88HQw25EWx38lbjDba2xTz-ZtxHaeCDjsKWSf9H-vpfSptNZd-TXQuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3O-4FTl0vnkTOD2rn2ka0NOVrIVg%26client%3Dca-pub-2773044261387404%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3040495612&pi=t.aa~a.3614320767~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=2&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=1538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RaIwdriJlj&p=https%3A//ihealth.in.ua&dtd=41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54b1681187e40a427b63d946aedea55574d0b5c556b6999a35c45fc51c5df9f2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
739ea7f6ac9a06b2-LHR
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 04:20:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 2F35 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3040495612&pi=t.aa~a.3614320767~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=2&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=1538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RaIwdriJlj&p=https%3A//ihealth.in.ua&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:07:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
768
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 04:07:16 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3BE5 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3040495612&pi=t.aa~a.3614320767~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=2&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=1538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RaIwdriJlj&p=https%3A//ihealth.in.ua&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
42767
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 16:27:17 GMT
etag
48472445140208031
expires
Sat, 13 Aug 2022 16:27:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2F35 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3040495612&pi=t.aa~a.3614320767~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=2&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=1538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RaIwdriJlj&p=https%3A//ihealth.in.ua&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Aug 2022 04:20:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 2F35 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3040495612&pi=t.aa~a.3614320767~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=2&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=1538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RaIwdriJlj&p=https%3A//ihealth.in.ua&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:08:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
673
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 04:08:51 GMT
dpixel
cms.quantserve.com/ Frame 3BE5 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEANYNzGRskOPSIby9UQc5jw&google_cver=1&google_push=AehlK4D_rh5L4hiNwZf5evJQ57nFYxDRT0JxMACG6CRn4yerYTGaPqwODGK3DWP3w7g8lVC-3LACM9A-28aFHOhVa-BMNFDdG4zb
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3040495612&pi=t.aa~a.3614320767~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=2&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=1538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RaIwdriJlj&p=https%3A//ihealth.in.ua&dtd=41
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3BE5
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEJi3OMMqQKm3ZQOSdUIlESI&google_cver=1&google_push=AehlK4CcFGDpHynPqAiGRHa9Aanx-XFfZLjnEeLCAgJr1SAI_XfRYXA9Y9-uXj7TWGBqVNjWT8WwQPDoZ3OgpKQKrBavQIy57Mct
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4CcFGDpHynPqAiGRHa9Aanx-XFfZLjnEeLCAgJr1SAI_XfRYXA9Y9-uXj7TWGBqVNjWT8WwQPDoZ3OgpKQKrBavQIy57Mct&google_hm=Q0FFU0VKaTNPTU1xUUttM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4CcFGDpHynPqAiGRHa9Aanx-XFfZLjnEeLCAgJr1SAI_XfRYXA9Y9-uXj7TWGBqVNjWT8WwQPDoZ3OgpKQKrBavQIy57Mct&google_hm=Q0FFU0VKaTNPTU1xUUttM1pRT1NkVUlsRVNJ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3040495612&pi=t.aa~a.3614320767~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=2&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=1538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RaIwdriJlj&p=https%3A//ihealth.in.ua&dtd=41
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 04:20:03 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4CcFGDpHynPqAiGRHa9Aanx-XFfZLjnEeLCAgJr1SAI_XfRYXA9Y9-uXj7TWGBqVNjWT8WwQPDoZ3OgpKQKrBavQIy57Mct&google_hm=Q0FFU0VKaTNPTU1xUUttM1pRT1NkVUlsRVNJ
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
466606.gif
id.rlcdn.com/ Frame 3BE5 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4AUyhCK_ijU7tOCoGKTmDCxBLfC0Q1dPzLXGVcvbqFT-d2EomDseYzbXPCRSPekMKOO4pbifBKio62IdPPAXs9V0rtTxD5K&google_gid=CAESECN3GwGq4X_ZpzXhDFBrxV8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3040495612&pi=t.aa~a.3614320767~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=2&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=1538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RaIwdriJlj&p=https%3A//ihealth.in.ua&dtd=41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3BE5
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4BbuWN0...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4BbuWN0...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTMwNDIwMDQwMDA4MzA2MjA2NTU5NA%3D%3D&google_push=AehlK4BbuWN06Pk5_GYRShypmHi0KkQ86ufrIOVJIftkB_it04fEuTcHpRj1a7HanLCxeD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTMwNDIwMDQwMDA4MzA2MjA2NTU5NA%3D%3D&google_push=AehlK4BbuWN06Pk5_GYRShypmHi0KkQ86ufrIOVJIftkB_it04fEuTcHpRj1a7HanLCxeDkWVd3vQl1EJu1lu6eB875Ic5c1AMwq
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTMwNDIwMDQwMDA4MzA2MjA2NTU5NA%3D%3D&google_push=AehlK4BbuWN06Pk5_GYRShypmHi0KkQ86ufrIOVJIftkB_it04fEuTcHpRj1a7HanLCxeDkWVd3vQl1EJu1lu6eB875Ic5c1AMwq
pragma
no-cache
date
Sat, 13 Aug 2022 04:20:05 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Sat, 13 Aug 2022 04:20:05 GMT
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 3BE5 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEInrPWBDJuHvXWRGazPgVqo&google_cver=1&google_push=AehlK4CNxHDi0NlD_2rpP4d1IVl-BeKuKb6tcNHavOg5Pg0_c8jYKi7Ar5a0F71hJya_HkqhzQwscSZ4JFp8LH7V7mXRC2Rs5BPW
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3040495612&pi=t.aa~a.3614320767~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=2&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=1538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RaIwdriJlj&p=https%3A//ihealth.in.ua&dtd=41
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 3BE5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENEG7325RFGpfLfOvXkjK80&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENEG7325RFGpfLfOvXkjK80&google_push=Ae...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENEG7325RFGpfLfOvXkjK80&google_hm=YvcmdLeqyGW8QlF8slqdIQAABFgAAAIB&google_nid=index&google_push=AehlK4BUGJA1QlGt0tfVCjfJNCLLJO7gVBqCy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENEG7325RFGpfLfOvXkjK80&google_hm=YvcmdLeqyGW8QlF8slqdIQAABFgAAAIB&google_nid=index&google_push=AehlK4BUGJA1QlGt0tfVCjfJNCLLJO7gVBqCyV7mUJvlxf5BIPoRF4RFjwc7JYp461cCdO0d0XUypE3pBR1KJ3jlE5NNv41S5oe6
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3040495612&pi=t.aa~a.3614320767~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=2&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=1538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RaIwdriJlj&p=https%3A//ihealth.in.ua&dtd=41
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8B%2FkIRJMacrJQoR%2FhOP0hjOiJCvtmlSABtcf8RC8z4BGnrmb%2FTD4qgdF84WbqajfCba89w66G%2BtEgTP10jzzzT%2FBkzIalVTzCXCxdOBhBWpYhpdS%2BIlNuN5ZvxVU%2FDLr2xdJUPi8ZmM9hA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENEG7325RFGpfLfOvXkjK80&google_hm=YvcmdLeqyGW8QlF8slqdIQAABFgAAAIB&google_nid=index&google_push=AehlK4BUGJA1QlGt0tfVCjfJNCLLJO7gVBqCyV7mUJvlxf5BIPoRF4RFjwc7JYp461cCdO0d0XUypE3pBR1KJ3jlE5NNv41S5oe6
cache-control
no-cache
cf-ray
739ea7f7ffcf7738-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
googleredir
googlecm.hit.gemius.pl/ Frame 3BE5 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 3BE5 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LMNlH0w5RA5uhuWNgZhNDZy95mem-QF4LVvJYP9_QnxdrM7odfj-gGj7UUDC9JTNWXX9CsMQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3040495612&pi=t.aa~a.3614320767~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=2&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=1538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RaIwdriJlj&p=https%3A//ihealth.in.ua&dtd=41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 2F35 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08dcdc6d2ae017d80612fbfa409077145f8e1dccabc5f2c66363eb6976b38b05

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
default.css
as.ad4m.at/ad/style/0.1.21/one-ad/ Frame 8982 		84 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jv6n0qndexe282pne0gh813f5a3jh58nh7k3gjj6ypdvh4rddd34xhhnbqpawnf1wqtm1sqrxnkybnbcnwxc4btpnhwwcb8ee9vc2f5r6twhvf69et97c2b81cfqacpk33509r5wjzrwm6sj69jw7763jpvwsrn4rs87nfqzs133p1kt8nyrd5ztvh00ztpest1ejngceshm1ccfy0peqtm6j27eenjt3xk2gepagp3hfgse16cz0f7zx509nb1xpwrd423st9ggzbwbdm0y5gtcam0ardxsnq2s8eqdmcj00w9879jszzwz63q7af6m4qc4326jnnvqw25jm341kabxph2wc50zz9g8aq2b5kz3fw985k80xhrh2r2qy9tenj2jfpt4411pw3drpwv2cn897g5fn3gj4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG-k4cyb3Yp29J6OKjuwP9-ebyAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0FOku-TUHK3DX2YEm8-mx9qTmrtiFfWDTG8N_A71oCbsJsAovoiIx6zRQyM43b1-sLAJDh2imEbNKoh9HfH1DanrqD6LD2aSb-m-qhyt33jDDtIFH6LqJc-yTKCdWXFiTT2y5Sgcu5EWx2w7KDSsJ047cia5mHTlvUM8BiHz4zaUqhv-465msZXlyKeYkmZkD90W6Wunx88HQw25EWx38lbjDba2xTz-ZtxHaeCDjsKWSf9H-vpfSptNZd-TXQuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3O-4FTl0vnkTOD2rn2ka0NOVrIVg%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jv6n0qndexe282pne0gh813f5a3jh58nh7k3gjj6ypdvh4rddd34xhhnbqpawnf1wqtm1sqrxnkybnbcnwxc4btpnhwwcb8ee9vc2f5r6twhvf69et97c2b81cfqacpk33509r5wjzrwm6sj69jw7763jpvwsrn4rs87nfqzs133p1kt8nyrd5ztvh00ztpest1ejngceshm1ccfy0peqtm6j27eenjt3xk2gepagp3hfgse16cz0f7zx509nb1xpwrd423st9ggzbwbdm0y5gtcam0ardxsnq2s8eqdmcj00w9879jszzwz63q7af6m4qc4326jnnvqw25jm341kabxph2wc50zz9g8aq2b5kz3fw985k80xhrh2r2qy9tenj2jfpt4411pw3drpwv2cn897g5fn3gj4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG-k4cyb3Yp29J6OKjuwP9-ebyAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0FOku-TUHK3DX2YEm8-mx9qTmrtiFfWDTG8N_A71oCbsJsAovoiIx6zRQyM43b1-sLAJDh2imEbNKoh9HfH1DanrqD6LD2aSb-m-qhyt33jDDtIFH6LqJc-yTKCdWXFiTT2y5Sgcu5EWx2w7KDSsJ047cia5mHTlvUM8BiHz4zaUqhv-465msZXlyKeYkmZkD90W6Wunx88HQw25EWx38lbjDba2xTz-ZtxHaeCDjsKWSf9H-vpfSptNZd-TXQuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3O-4FTl0vnkTOD2rn2ka0NOVrIVg%26client%3Dca-pub-2773044261387404%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
667338
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86749
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Fri, 05 Aug 2022 10:57:46 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
739ea7f78c4c4071-LHR
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame 8982 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jv6n0qndexe282pne0gh813f5a3jh58nh7k3gjj6ypdvh4rddd34xhhnbqpawnf1wqtm1sqrxnkybnbcnwxc4btpnhwwcb8ee9vc2f5r6twhvf69et97c2b81cfqacpk33509r5wjzrwm6sj69jw7763jpvwsrn4rs87nfqzs133p1kt8nyrd5ztvh00ztpest1ejngceshm1ccfy0peqtm6j27eenjt3xk2gepagp3hfgse16cz0f7zx509nb1xpwrd423st9ggzbwbdm0y5gtcam0ardxsnq2s8eqdmcj00w9879jszzwz63q7af6m4qc4326jnnvqw25jm341kabxph2wc50zz9g8aq2b5kz3fw985k80xhrh2r2qy9tenj2jfpt4411pw3drpwv2cn897g5fn3gj4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG-k4cyb3Yp29J6OKjuwP9-ebyAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0FOku-TUHK3DX2YEm8-mx9qTmrtiFfWDTG8N_A71oCbsJsAovoiIx6zRQyM43b1-sLAJDh2imEbNKoh9HfH1DanrqD6LD2aSb-m-qhyt33jDDtIFH6LqJc-yTKCdWXFiTT2y5Sgcu5EWx2w7KDSsJ047cia5mHTlvUM8BiHz4zaUqhv-465msZXlyKeYkmZkD90W6Wunx88HQw25EWx38lbjDba2xTz-ZtxHaeCDjsKWSf9H-vpfSptNZd-TXQuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3O-4FTl0vnkTOD2rn2ka0NOVrIVg%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=ts3WBg==, md5=GiVSVFozAzGcRbGa3f2JRw==
date
Sat, 13 Aug 2022 04:20:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61963
x-guploader-uploadid
ADPycdvtiswFq0HeHRzRfgwSvODmG4NM4dmFTs6H5n8CGTjxtSRsmn_8EdECipHb5Z7kAlJpj4xy6eTVDhIVWfeaxLk-cW41lXph
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 27 Jul 2022 10:39:36 GMT
server
cloudflare
etag
W/"1a2552545a3303319c45b19addfd8947"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFPtuRllKcXA8VUZ8DaL6NE9hdVlolZs%2F7Jbdv6e27MfwU6L0LRUwHkxmJiOlLkbFrO1h%2BYKyID4Haoa8HQ05I0i9Znu4SFj2Dxmz%2FRtG5ki1dPRBe7cByGDresLi64%2Fytdu3rg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1658918375991597
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
12021
cf-ray
739ea7f74ce906b2-LHR
expires
Fri, 12 Aug 2022 11:07:21 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 339E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CVMgAcyb3YoeOKMWl3gO5t5-ID5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgS9AU_QTiRcG5aWCmZeLTn5reNp6JJhP1k5a3JG50PAEM0Xu1qY4HQi4wdGmxx3k3mBPFGg8JamTb5MZA8bT4MMcVSRkg5qOPDsumsyuXj8056-wwaKK40cPjlmh_6czoHS99m1U3tHpMz_wy7MI2iogwG_1pehzVVc-9q0XKGYi5AGcLiRKWPDRTpzO9aFM6s09Mokn4jKyNtbGV8Ei8Dd1DzPaoo7_yiYzi_DjWco2pTcGVVr54e1ArWD1nhch4AG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjc3MzA0NDI2MTM4NzQwNBgA&sigh=xClDTx8WJTA&uach_m=[UACH]&cid=CAQSOwCsnQUxZElYd6PP1yX4Mb-BINHWvlk2yBSREN0k7_liQyeeSPTqq0E4qyaZhq69OUDhOhvyokiBJ5vDGAE
Requested by
Host: ihealth.in.ua
URL: https://ihealth.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3063602964&pi=t.aa~a.3614318550~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280&nras=4&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Nr8Rqbpt4v&p=https%3A//ihealth.in.ua&dtd=46
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 13 Aug 2022 04:20:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 339E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gdhnj0dfx0w0meey2jt2vf0yxy23azgtrxezdgy17zxpppwf8yk52zbsqd0syx6w3hjxns0bstp45ztc01mztf4bw1zthaq2vrn9b29997fc70r9venjwf982xr33avg1egeqnkg9jhfmeyd0brdn0ka053ygzf5gty1w1mafkp6snj4xbmq52wqfppnv73j3xv4xzymtya8wd1dxnnk7wcz94zp06465grjk3gpa4a6zj85p8y5qdtmnzdv0dhs72fwzjvxxtsfg524vqz49hthcs3jhrq21n7fvh8y1c61yd0xvzmgzm28j2dx81kp1vpgpmhwhvwwace2n0esvmpgzr1nyfwjfjjd1zpbmr3eb676ryh8sg59e7hs704rywavga92emavmybp8tt8v8&b=YvcmcwAKBwcKd5LFAAfbucRxa3zOBY1foTMprQ
Requested by
Host: ihealth.in.ua
URL: https://ihealth.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 13 Aug 2022 04:20:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 7344 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jq9y2x0xghxny77pv9ta3vg5w8nx501md4rtgbmvwx9nvmrne7cgt3qmv914r3ygw1vgbd6mznfzmybq2rqe1216tzp0fck2e9mer3cj7bj07m4756reg33bz5fya39nvt32fda0thktfzqc8ybz2x0269t5bq6ncpc4esth4y5jgvzqswtzqz8fk421z6yrfsphxqq3sh0z3jf4brte1pat6g4p9ms2yzghs7csaxpx50eaxnn268skdfjw6axcetkbn4by44d15858s0n965q26pt8b7h39p1c0ehkfa6t8vfbcxhvv8bcnmtx5v1jcty5gcfpdcwp3dkzgrz1xbd2c51750m2s4gzczjk0cfwa8x2vy4b3fg3b89jpcd4fw667br4mpq6m0w747g5fcpcwq7nh0dqg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQOn3cyb3YoeOKMWl3gO5t5-ID5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_QTiRcG5aWCmZeLTn5reNp6JJhP1k5a3JG50PAEM0Xu1qY4HQi4wdGmxx3k3mBPFGg8JamTb5MZA8bT4MMcVSRkg5qOPDsumsyuXj8056-wwaKK40cPjlmh_6czoHS99m1U3tHpMz_wy7MI2iogwG_1pehzVVc-9q0XKGYi5AGcLiRKWPDRTpzO9aFM6s09Mokn4jKyNsZG36WXDlalPRIIhzhtrpq9zvJIG0Gwklc2xz5HxOrLq1WCuccT-ewZ4AG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1qbMbNjdSXGAnlmCmoE15LKyMHHQ%26client%3Dca-pub-2773044261387404%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3063602964&pi=t.aa~a.3614318550~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280&nras=4&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Nr8Rqbpt4v&p=https%3A//ihealth.in.ua&dtd=46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
299a9297e09cb8687b3100cdcefabf0f68141b893e8c7803760016b5ff3518ba
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
739ea7f7dc844071-LHR
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 04:20:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 339E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3063602964&pi=t.aa~a.3614318550~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280&nras=4&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Nr8Rqbpt4v&p=https%3A//ihealth.in.ua&dtd=46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:07:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
768
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 04:07:16 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1554 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3063602964&pi=t.aa~a.3614318550~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280&nras=4&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Nr8Rqbpt4v&p=https%3A//ihealth.in.ua&dtd=46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
42767
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 16:27:17 GMT
etag
48472445140208031
expires
Sat, 13 Aug 2022 16:27:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 339E 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3063602964&pi=t.aa~a.3614318550~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280&nras=4&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Nr8Rqbpt4v&p=https%3A//ihealth.in.ua&dtd=46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Aug 2022 04:20:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 339E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3063602964&pi=t.aa~a.3614318550~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280&nras=4&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Nr8Rqbpt4v&p=https%3A//ihealth.in.ua&dtd=46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:08:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
673
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 04:08:51 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame FCEC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cfesmcyb3YuusKJfa3gOWjKXwCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgS9AU_Qg3M8FIXIe-jBAZ4ZF_RLz-9WOyAW49Y5SOn3PJZkc9HY21I_NYuZuKvn7NmCVskR8svChSfCNNxdy_cdyUr2IbWXLwSz6z2kGZsDOV-GUfMFgucz9VIk-gwHfAF0Osy0OKgH-Gd7Aeo7r0IZSAQhFaHLB3ArDpE0j5eHKYK6QzBDO42YwUovtbqHFTCosGeLSsvFkPylvQdAbSWWOph_dO6-aJVQDa-bfJ5wpwqiXRnQeqPrhQY4mCFxkoAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjc3MzA0NDI2MTM4NzQwNBgA&sigh=6FzPXWVJ2hw&uach_m=[UACH]&cid=CAQSOwCsnQUx0eKP6Jl7qhIJ1OqcxClIwNS9nP1sY4jsMBmMZR5wBz4XlOnR3BmAJbWNFfPAebNCQzhtgA37GAE
Requested by
Host: ihealth.in.ua
URL: https://ihealth.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=1987554437&pi=t.aa~a.885858492~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=1&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280%2C362x280&nras=6&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=3636&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uwS3Uas8FP&p=https%3A//ihealth.in.ua&dtd=55
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 13 Aug 2022 04:20:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame FCEC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gj4kpxnknnwja8myqqvj353gd05evgzngvyee8mtrcep85h2bz6w8p5znpxagpb9876mqcqb7cm8kz7x9f3akfejwycqdhwxvmvbqw0x7578dct6mz7wdqjyh1fkr8z7ymfhnbx17k6thjs8bxf0ms4me9vjnssjefedp85scnweb0zads81xrtdxync33ax5xgehwnjnwzsnj1rpkpj79c9t1ez60ajkdpfew55vn4vcjnayqa9vnb5m4t8ppsp9vmhxxx9bjbm5jgz82cvc69740gp151jq0zz0xxnw0xk8hm7w83bb61tewhf0xj5nq0t73a70tag2g86j3sxypvfxmb9znqng0pk90f6z5373mh9fcqnk2t4whtwk13d8581vr09s4h6qv8cd1z8d0&b=YvcmcwAKFmsKd60XAAlGFni24kl_v3C_M455xg
Requested by
Host: ihealth.in.ua
URL: https://ihealth.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 13 Aug 2022 04:20:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame E491 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hptejf610a8tg8v6pm4vd9a2ft93s3emekxkhbmfhwkd0zb2z18x99r7h2ywq5tarhea5askgmtf5xk07683chwx43rwbkxf3qx6njr8e8re5ygw92sddveg3kq0yjs4jcbvv3khkt0v8qv5yf8f2z6xck5x0zmztp24cw7xzrdn5njgev6qzxp2pfmwz4te9rv40df9pfxf53s66nbf5afh6h1x4jaypf3d89kjr0dys2x7ddz89m7d4fsms3h3r25mfj0hghqhx7gq1kmdvvfm0mktfpfynnhfz3xhtqzkd67g9cmnz8h7wc1nffgabgdywy00b6n7vjj9bdwh178d76gqqdp02pnv4z69q8g7r4e3s8mvygtdqtpzkerant9xspdwea2fntr2mpbk4wd9tevcrknfc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC--lucyb3YuusKJfa3gOWjKXwCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_Qg3M8FIXIe-jBAZ4ZF_RLz-9WOyAW49Y5SOn3PJZkc9HY21I_NYuZuKvn7NmCVskR8svChSfCNNxdy_cdyUr2IbWXLwSz6z2kGZsDOV-GUfMFgucz9VIk-gwHfAF0Osy0OKgH-Gd7Aeo7r0IZSAQhFaHLB3ArDpE0j5eHKYK6QzBDO42YwUovtbqHFTCosGeLSsvFkPznvybSutwRelD4PHhkIQeiNLuR0ZRev9cin1BCgjf1qR7tRL4xWmhjCoAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_24rAaB-J2xV0z1gSFz4aVDzT7r0Q%26client%3Dca-pub-2773044261387404%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=1987554437&pi=t.aa~a.885858492~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=1&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280%2C362x280&nras=6&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=3636&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uwS3Uas8FP&p=https%3A//ihealth.in.ua&dtd=55
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74279e52f5d422bca003b744bc0d1483f793e41e483c23c7970b25e56a22080a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
739ea7f80c974071-LHR
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 04:20:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame FCEC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=1987554437&pi=t.aa~a.885858492~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=1&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280%2C362x280&nras=6&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=3636&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uwS3Uas8FP&p=https%3A//ihealth.in.ua&dtd=55
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:07:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
768
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 04:07:16 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 63BD 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=1987554437&pi=t.aa~a.885858492~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=1&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280%2C362x280&nras=6&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=3636&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uwS3Uas8FP&p=https%3A//ihealth.in.ua&dtd=55
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
42767
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 16:27:17 GMT
etag
48472445140208031
expires
Sat, 13 Aug 2022 16:27:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FCEC 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=1987554437&pi=t.aa~a.885858492~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=1&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280%2C362x280&nras=6&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=3636&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uwS3Uas8FP&p=https%3A//ihealth.in.ua&dtd=55
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Aug 2022 04:20:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame FCEC 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=1987554437&pi=t.aa~a.885858492~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=1&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280%2C362x280&nras=6&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=3636&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uwS3Uas8FP&p=https%3A//ihealth.in.ua&dtd=55
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:08:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
673
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 04:08:51 GMT
l
www.google.com/ads/measurement/ Frame FCEC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSlho_GNrB5xcLwPLz50oG-PxOXRDMPaIdvAmKXB9rei0G46Txikb_gX2nhKb7zWWVsjLE3M9bNrG8upQ1sXI7bhtr4sQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=1987554437&pi=t.aa~a.885858492~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=1&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280%2C362x280&nras=6&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=3636&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uwS3Uas8FP&p=https%3A//ihealth.in.ua&dtd=55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 59B5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1uxew4ThO95uijhYAKGGftBts6OKZ06pnYlAug2M5ydpjrCVq9LOJt0qVVwHkn47dD4LPODx1Wdy7Lav7ogJ-PIEj&sig=Cg0ArKJSzDl55KQe6DVYEAE&id=lidar2&mcvt=1022&p=0,0,280,1200&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&v=20220810&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4188038881&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660364402600&rpt=830&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 7EB0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CIXp0cyb3YuuLKLmRjuwPqPOgoAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEvQFP0EM3be5GUjP9xQ9Ki-PCmDYnC2ZCOTVUyRPas_4yW1fCkNGPHkIKCHbAB_7DaylTzI4C6rcuaSJcOwbosEOh-q-2M4adb4hiG3Jn9qt4sw1-syoTKZZYWSww5lX_B215Gug0dy2TfZvcmew5ztVIBZbAzyy_htkmZ5cxfAIRmQVM8vw33EZZnDVOVqZ3n9Kqt8OtA97242Tm4VOxa2vp4_23VbyQnAMYl5Gko8PUrEXHBuexNLpYVsEjpTeABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI3NzMwNDQyNjEzODc0MDQYAA&sigh=MFdPYrMsm9c&uach_m=[UACH]&cid=CAQSOwCsnQUxz__L0M1VUF_KwrgV_De4juKLb9Nm3qhX3PKnZtZ8r12pOIZqoQrwst5RGLYPqAIi6flmHbrCGAE
Requested by
Host: ihealth.in.ua
URL: https://ihealth.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=2890494635&pi=t.aa~a.3614337803~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1842&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280&nras=5&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nquy9mWzcT&p=https%3A//ihealth.in.ua&dtd=51
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 13 Aug 2022 04:20:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 7EB0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jh60b2vnh79zz1hsc3qxd5shm9zzw60tfwgc921e99gzkjwq0xp5qw1myk0xk7c744fcxk0ed9hkrfsyqpn477tkxfxyhz94t79f9p76kdwz7g9t894rbj7dyxw666zbxxsk1hxdbpamr72ytkxwmhtkwthga3txeywy3tp4h73h3ns7803cykawzd1rs49f9er2mdfp3rba6cdq0eb5adqqrvk857q9zv9z84vcgdstny5gjj495f8qtmapq6r9ngg6h2w6yr5dfan7se8vydhqazvj4gjqr4hznqvpx2h4yj7wsbbpxcrfyed35e22trjht3ntbk2taqvz5kbtzxembxwtnndjaq73xb7b6tymj9d9jc2zxg0haw5ggv30cjva8qe2rz5nt8eqqc51z8&b=YvcmcwAKBesHg4i5AAg5qOYr4xEK3UcyY57LMQ
Requested by
Host: ihealth.in.ua
URL: https://ihealth.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 13 Aug 2022 04:20:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 7F77 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1gqxtgcttfyxbe0vvtmvhv2s4cg7rfe892r9p3hz3kmz27se72ev71hp192fte55ss9k635kjks4exvxerywx2wtex4h0azvy5z905gqfkvgfj7f6krzmy4a7m8vzgxvjh06e8hmwj2pzjnqydsdw01c9nw92vy3saf4db3vyb5728mf3968scme4pzqf7h04bkqj4w5k0yc7afz48ykdz1zw76tkqy9drqtkd1whchz5bk1mjjm1rmvp85mxfm7mb75x9rrycz37zaj6g4dhgazb6ee3844vk35bcc8q2nj4c60hzzfjnmnptvnv4b5nr3dv7pnj2rf9xhg00w37m3m6y23bc469zk6j2f6gjkd7qchrza3qkjbsfyebw9kek7ann2p9qyhpq5tcppyrwptaw25eknbac&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf3Qbcyb3YuuLKLmRjuwPqPOgoAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0EM3be5GUjP9xQ9Ki-PCmDYnC2ZCOTVUyRPas_4yW1fCkNGPHkIKCHbAB_7DaylTzI4C6rcuaSJcOwbosEOh-q-2M4adb4hiG3Jn9qt4sw1-syoTKZZYWSww5lX_B215Gug0dy2TfZvcmew5ztVIBZbAzyy_htkmZ5cxfAIRmQVM8vw33EZZnDVOVqZ3n9Kqt8OtA972oWbHc4RI7CshZLUhj_UCbjoMnTyujdsJLIeOlB8lKpZAgx285f_UtBuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2yC8hlCK2Gw1c_U3NfGrq9aYoymA%26client%3Dca-pub-2773044261387404%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=2890494635&pi=t.aa~a.3614337803~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1842&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280&nras=5&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nquy9mWzcT&p=https%3A//ihealth.in.ua&dtd=51
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13d27285c6af3bbb9792dd6a45798931e9642e381eee4cf830a1c02f984b34fa
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
739ea7f84cc44071-LHR
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 04:20:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 7EB0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=2890494635&pi=t.aa~a.3614337803~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1842&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280&nras=5&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nquy9mWzcT&p=https%3A//ihealth.in.ua&dtd=51
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:07:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
768
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 04:07:16 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1349 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=2890494635&pi=t.aa~a.3614337803~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1842&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280&nras=5&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nquy9mWzcT&p=https%3A//ihealth.in.ua&dtd=51
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
42767
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 16:27:17 GMT
etag
48472445140208031
expires
Sat, 13 Aug 2022 16:27:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7EB0 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=2890494635&pi=t.aa~a.3614337803~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1842&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280&nras=5&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nquy9mWzcT&p=https%3A//ihealth.in.ua&dtd=51
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Aug 2022 04:20:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 7EB0 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=2890494635&pi=t.aa~a.3614337803~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1842&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280&nras=5&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nquy9mWzcT&p=https%3A//ihealth.in.ua&dtd=51
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:08:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
673
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 04:08:51 GMT
l
www.google.com/ads/measurement/ Frame 7EB0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQZkR3Asd3QljUCuLsUObcwN5OALVd_a_Lyg2ErBwi_CIbqZbBYfIBOmIu3-X6Gqsj-drEx6X_Evy4dYzVam9EhpVFtNQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=2890494635&pi=t.aa~a.3614337803~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1842&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280&nras=5&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nquy9mWzcT&p=https%3A//ihealth.in.ua&dtd=51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 8982 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Sat, 13 Aug 2022 04:20:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20894364
x-guploader-uploadid
ADPycdvQu8rzdRrs97enjvGnGemL_nNn_z_RSZB83DHfe2cfB-xpEUBD4BQhQyZG4qi6ZI9TUspp2S0YgzaqlNWuYIyIg2GVkA
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Drt3gOI4wHEULAiSLkMwDiceKSxD5xLbKhC0IUL4dwKygYnr9wxa82kNAw4QaedhqE8ZYtAIISvwVncjBSICm5L2gtqxxkVD8mPnYD5uLXje3Jfx4dF6vjooohe4kMP5vv4QZJtd7rTMEgvtUG1jhgs2"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
739ea7f9093471fe-LHR
expires
Wed, 14 Dec 2022 08:20:40 GMT
frame.html
ad4m.at/ Frame 8B48 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
1546859
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
739ea7f88cf24071-LHR
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Sat, 13 Aug 2022 04:20:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sat, 13 Aug 2022 05:20:04 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DfvRSEWfceyzgTPEu4P%2FrNRaWohZW8MrzsHFoY4T%2B1Dz9aS0fx6%2F5UIsj7Cm4gBtiNskJceYlWVv86BVIsUA8LjhCL8vAUtMf2wGENTWMVp6bt1hTBfmjtBmPwjxdRzg%2FN%2B%2BysQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-generation
1588777770164783
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-meta-
x-goog-metageneration
3
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-guploader-uploadid
ADPycdu3KHy4PFC72RtG43UEtEQovtrwHY0ugOVf81yq9UZJlBOsQmsuhmZP1sZPlfHPsfApSgE-p26bakIpeE2SxvvKwnsBwtJZ
default.css
as.ad4m.at/ad/style/0.1.21/one-ad/ Frame 7344 		84 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jq9y2x0xghxny77pv9ta3vg5w8nx501md4rtgbmvwx9nvmrne7cgt3qmv914r3ygw1vgbd6mznfzmybq2rqe1216tzp0fck2e9mer3cj7bj07m4756reg33bz5fya39nvt32fda0thktfzqc8ybz2x0269t5bq6ncpc4esth4y5jgvzqswtzqz8fk421z6yrfsphxqq3sh0z3jf4brte1pat6g4p9ms2yzghs7csaxpx50eaxnn268skdfjw6axcetkbn4by44d15858s0n965q26pt8b7h39p1c0ehkfa6t8vfbcxhvv8bcnmtx5v1jcty5gcfpdcwp3dkzgrz1xbd2c51750m2s4gzczjk0cfwa8x2vy4b3fg3b89jpcd4fw667br4mpq6m0w747g5fcpcwq7nh0dqg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQOn3cyb3YoeOKMWl3gO5t5-ID5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_QTiRcG5aWCmZeLTn5reNp6JJhP1k5a3JG50PAEM0Xu1qY4HQi4wdGmxx3k3mBPFGg8JamTb5MZA8bT4MMcVSRkg5qOPDsumsyuXj8056-wwaKK40cPjlmh_6czoHS99m1U3tHpMz_wy7MI2iogwG_1pehzVVc-9q0XKGYi5AGcLiRKWPDRTpzO9aFM6s09Mokn4jKyNsZG36WXDlalPRIIhzhtrpq9zvJIG0Gwklc2xz5HxOrLq1WCuccT-ewZ4AG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1qbMbNjdSXGAnlmCmoE15LKyMHHQ%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jq9y2x0xghxny77pv9ta3vg5w8nx501md4rtgbmvwx9nvmrne7cgt3qmv914r3ygw1vgbd6mznfzmybq2rqe1216tzp0fck2e9mer3cj7bj07m4756reg33bz5fya39nvt32fda0thktfzqc8ybz2x0269t5bq6ncpc4esth4y5jgvzqswtzqz8fk421z6yrfsphxqq3sh0z3jf4brte1pat6g4p9ms2yzghs7csaxpx50eaxnn268skdfjw6axcetkbn4by44d15858s0n965q26pt8b7h39p1c0ehkfa6t8vfbcxhvv8bcnmtx5v1jcty5gcfpdcwp3dkzgrz1xbd2c51750m2s4gzczjk0cfwa8x2vy4b3fg3b89jpcd4fw667br4mpq6m0w747g5fcpcwq7nh0dqg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQOn3cyb3YoeOKMWl3gO5t5-ID5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_QTiRcG5aWCmZeLTn5reNp6JJhP1k5a3JG50PAEM0Xu1qY4HQi4wdGmxx3k3mBPFGg8JamTb5MZA8bT4MMcVSRkg5qOPDsumsyuXj8056-wwaKK40cPjlmh_6czoHS99m1U3tHpMz_wy7MI2iogwG_1pehzVVc-9q0XKGYi5AGcLiRKWPDRTpzO9aFM6s09Mokn4jKyNsZG36WXDlalPRIIhzhtrpq9zvJIG0Gwklc2xz5HxOrLq1WCuccT-ewZ4AG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1qbMbNjdSXGAnlmCmoE15LKyMHHQ%26client%3Dca-pub-2773044261387404%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
667338
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86749
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Fri, 05 Aug 2022 10:57:46 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
739ea7f88cef4071-LHR
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame 7344 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jq9y2x0xghxny77pv9ta3vg5w8nx501md4rtgbmvwx9nvmrne7cgt3qmv914r3ygw1vgbd6mznfzmybq2rqe1216tzp0fck2e9mer3cj7bj07m4756reg33bz5fya39nvt32fda0thktfzqc8ybz2x0269t5bq6ncpc4esth4y5jgvzqswtzqz8fk421z6yrfsphxqq3sh0z3jf4brte1pat6g4p9ms2yzghs7csaxpx50eaxnn268skdfjw6axcetkbn4by44d15858s0n965q26pt8b7h39p1c0ehkfa6t8vfbcxhvv8bcnmtx5v1jcty5gcfpdcwp3dkzgrz1xbd2c51750m2s4gzczjk0cfwa8x2vy4b3fg3b89jpcd4fw667br4mpq6m0w747g5fcpcwq7nh0dqg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQOn3cyb3YoeOKMWl3gO5t5-ID5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_QTiRcG5aWCmZeLTn5reNp6JJhP1k5a3JG50PAEM0Xu1qY4HQi4wdGmxx3k3mBPFGg8JamTb5MZA8bT4MMcVSRkg5qOPDsumsyuXj8056-wwaKK40cPjlmh_6czoHS99m1U3tHpMz_wy7MI2iogwG_1pehzVVc-9q0XKGYi5AGcLiRKWPDRTpzO9aFM6s09Mokn4jKyNsZG36WXDlalPRIIhzhtrpq9zvJIG0Gwklc2xz5HxOrLq1WCuccT-ewZ4AG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1qbMbNjdSXGAnlmCmoE15LKyMHHQ%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=ts3WBg==, md5=GiVSVFozAzGcRbGa3f2JRw==
date
Sat, 13 Aug 2022 04:20:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61963
x-guploader-uploadid
ADPycdvtiswFq0HeHRzRfgwSvODmG4NM4dmFTs6H5n8CGTjxtSRsmn_8EdECipHb5Z7kAlJpj4xy6eTVDhIVWfeaxLk-cW41lXph
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 27 Jul 2022 10:39:36 GMT
server
cloudflare
etag
W/"1a2552545a3303319c45b19addfd8947"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkFT4NwjSGOBejOqz%2BQd6e49eyrzMI19waG25WR10rWt%2Be3UedJHKjiHIVAEhaxUQL2rbZWfLTiwM1OICWhFnYJgUv48Ew9tCb2Tcl99zMpZOwOyKWjBDAC4Sct8QuxhrMeth4I%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1658918375991597
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
12021
cf-ray
739ea7f88cf04071-LHR
expires
Fri, 12 Aug 2022 11:07:21 GMT
all
csm.eu.criteo.net/ Frame A7E8 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=H9Wu3WpVwKlkWLS1dNkbY5ZirWs_HAvBLAl2VA4ALOTcg5bpNyz6tJGrd9uu8ra3RHkZPZT0sARRHXs8NMfTkCtvH8KBzIvtWxFopNRjN8UFhGIy-Gaz7tWL37hqM491_4HNQAMJcBFftJme3WVGsEEpLCbgyFWpSn6zzEs2NyfWcWfiihxPwvscnyaWpbWL_oadXvtS2-uBKXL7l6i3LrjnsjL78GEOdyxkX3yjwva0t-Liao069N5mrIB9yIeEaQXfPg&sds=2&rev=82415&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALc2YKd5gUAAKUVQdekb-anMt0hqh8uA&u=%7CBcUvdQ6mckh8fiw%2BukfhNcoCgakAkpZ%2FdduGjNiXo%2Bs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVJWU8AYvH1R5yy17KXfHzsKAteVvS0JhIzCOGcQvZdnvCUW7XdoWT7KRiB8o5Z-Fanxoz_V4U67qKtKX0Xmxk2sJDq2LMcgmg1KbEE6ReCQeuKcBXVby6TIHqFpkxfZTQB_rTDVHXbUiGXf80lUfwUydP9Y1y_3Rljwwz687pj6K3eeXJYa_4d1NsUd-2xYxv5cWiHGmuLucBB8IooisG2dLg47awoaKoci6Z1iwmUAKAUZdaUCmtTNqurL9bhgz0hfC7jK6qDvFpAt94F0JSMzXRGd2KuFiH3zZYuAVGQaThERnT8LpXP9_gjX-v8Q0RuZL6QN_vaPk6SL3pWwGTp4A85wDaMWPT4OtP76xB0NbO89gKDuId_GnDe8YCI8JGwjnZeDDkabrv9K1MaKCQXG&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcQL-cib3YubmLZSw3gPVqIrAB8me0rFczfHi3YgBwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgS7AU_QEdG8rmChitNYZerP6krUmo9s4B8EZiJ_QsrufOTTJYL3ry0bn--hboe3h3vYfiwedLo_xT927o_Oc-FpK91XBuP85UJw1vVbuLZ2vVDot06lEiRE2kMMgbfP5pB5RLUSwFtKZUVB2_Ur5BeeAxacJCj_QTxCD2WvupXBJY__A_C4_ZKKuF-jXq3DWiFD1xauMkYUmrJ9mi1TG9l8Hyy5lwIpe0kISJEUWu_Lrse0p5JYL2svAnQXL8-ABrn6je7ojPjawwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_193-GEdKigoHUGZE8H24Rj_SHCDA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 13 Aug 2022 04:20:04 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
truncated
/ Frame 339E 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
efcfa8a170f166a74f9e9d7b8caf13b225a4326283e2a5da9e920679fa410e27

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 1554
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEANYNzGRskOPSIby9UQc5jw&google_cver=1&google_push=AehlK4C0AFqt064twKFeixGuxBDQGD3VtlgzJUyFLwIEbhPVybvOMWCCY-...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4C0AFqt064twKFeixGuxBDQGD3VtlgzJUyFLwIEbhPVybvOMWCCY-iarOYp8DN-kC2NHkEkX0KpMYOlO2x2etVeZdX3pF4TDw&google_hm=-ywNz_skCN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4C0AFqt064twKFeixGuxBDQGD3VtlgzJUyFLwIEbhPVybvOMWCCY-iarOYp8DN-kC2NHkEkX0KpMYOlO2x2etVeZdX3pF4TDw&google_hm=-ywNz_skCNJNEkkdhSb1-g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3063602964&pi=t.aa~a.3614318550~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280&nras=4&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Nr8Rqbpt4v&p=https%3A//ihealth.in.ua&dtd=46
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4C0AFqt064twKFeixGuxBDQGD3VtlgzJUyFLwIEbhPVybvOMWCCY-iarOYp8DN-kC2NHkEkX0KpMYOlO2x2etVeZdX3pF4TDw&google_hm=-ywNz_skCNJNEkkdhSb1-g
pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1554
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4ClfEzw...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTMwNDIwMDQwMDA4MzkxOTU4Njk5Ng%3D%3D&google_push=AehlK4ClfEzwAJw_ojW6vsW5NZ7Kb9AJ5dfG2coQetfqyVayqkiXWaAXSJd23fzloq4I43...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTMwNDIwMDQwMDA4MzkxOTU4Njk5Ng%3D%3D&google_push=AehlK4ClfEzwAJw_ojW6vsW5NZ7Kb9AJ5dfG2coQetfqyVayqkiXWaAXSJd23fzloq4I43IEQtKRoWDAEBKScv6AOvAKWF1tYpeA
Requested by
Host: ihealth.in.ua
URL: https://ihealth.in.ua/
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTMwNDIwMDQwMDA4MzkxOTU4Njk5Ng%3D%3D&google_push=AehlK4ClfEzwAJw_ojW6vsW5NZ7Kb9AJ5dfG2coQetfqyVayqkiXWaAXSJd23fzloq4I43IEQtKRoWDAEBKScv6AOvAKWF1tYpeA
pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Sat, 13 Aug 2022 04:20:04 GMT
sync
odr.mookie1.com/t/v2/ Frame 1554 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEBMafTP5v3d-IKPL_SgNiVA&google_push=AehlK4AJ5ovbU-SndZPJzBrPQHKH3752ltKsKMW2pHP9f6Y6wM88fKvg18fHgvxgsGzlUtIXYywZ3ucCSLzBHFbp6bnAXUI90PS7_A&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3063602964&pi=t.aa~a.3614318550~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280&nras=4&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Nr8Rqbpt4v&p=https%3A//ihealth.in.ua&dtd=46
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 1554 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEEZweGOTh6y0kVZDOFGI5NA&google_cver=1&google_push=AehlK4DmyAAfh7u5YDZQGh3nrh2TZygjUdUd6LLHUDHlbjhGZzTjnu8XON3w2V4qBfotllP0b39W74TCPpIQu529CGcCYLGAHKIydg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3063602964&pi=t.aa~a.3614318550~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280&nras=4&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Nr8Rqbpt4v&p=https%3A//ihealth.in.ua&dtd=46
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
gm4767jgetgpal648snvmh95k34n9ki0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 1554 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEInrPWBDJuHvXWRGazPgVqo&google_cver=1&google_push=AehlK4BHFeClKtRL_K3pJe__knHV6EUflHBsnTF0igEeD01QJ1ZyjJivmFTGOfDVWbpnHKl_nfw_Vsopzj7hwn3wI4mrpH7hKXwwDg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3063602964&pi=t.aa~a.3614318550~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280&nras=4&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Nr8Rqbpt4v&p=https%3A//ihealth.in.ua&dtd=46
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 1554
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFAB45zHBCME5gv6BZ9m8vw&google_cver=1&google_push=AehlK4CsfKceZwOADjwk69chlRDeucmeHWa_gaeHQRYLhBP9BQbAwbtG1oChdPUggY1XejwWcgG...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZSRTNJMlMtMy0yWEJT&google_push=AehlK4CsfKceZwOADjwk69chlRDeucmeHWa_gaeHQRYLhBP9BQbAwbtG1oChdPUggY1XejwWcgGgVYzAIYpicVYpG-Bx1aox0OpGXw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZSRTNJMlMtMy0yWEJT&google_push=AehlK4CsfKceZwOADjwk69chlRDeucmeHWa_gaeHQRYLhBP9BQbAwbtG1oChdPUggY1XejwWcgGgVYzAIYpicVYpG-Bx1aox0OpGXw
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZSRTNJMlMtMy0yWEJT&google_push=AehlK4CsfKceZwOADjwk69chlRDeucmeHWa_gaeHQRYLhBP9BQbAwbtG1oChdPUggY1XejwWcgGgVYzAIYpicVYpG-Bx1aox0OpGXw
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame 1554
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENEG7325RFGpfLfOvXkjK80&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENEG7325RFGpfLfOvXkjK80&google_hm=YvcmdLeqyGW8QlF8slqdIQAABFgAAAIB&google_nid=index&google_push=AehlK4DTtnYqh3edpubYBQcc2i6V50CxbkUYx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENEG7325RFGpfLfOvXkjK80&google_hm=YvcmdLeqyGW8QlF8slqdIQAABFgAAAIB&google_nid=index&google_push=AehlK4DTtnYqh3edpubYBQcc2i6V50CxbkUYx43FiXO7pMa9iKw8z6C3xKnhPrEkxkwiMVlaJ01RY6b9S8q2mDPMsRnj9McPSR3oRQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3063602964&pi=t.aa~a.3614318550~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280&nras=4&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Nr8Rqbpt4v&p=https%3A//ihealth.in.ua&dtd=46
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXKIx7NqOIbbt8n%2BUhcQO3tQmpGjzGMwVSyV%2FP3zxK4tm42XzIqKKBzn1vse8bp3djLYu7qX099xA68%2B8dDQKhC1VcHrEnCKaSaq3GC%2B1qUcnCl%2FZ5h%2BehnmY%2Fet2Btok7A9CBrVKgRxiw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENEG7325RFGpfLfOvXkjK80&google_hm=YvcmdLeqyGW8QlF8slqdIQAABFgAAAIB&google_nid=index&google_push=AehlK4DTtnYqh3edpubYBQcc2i6V50CxbkUYx43FiXO7pMa9iKw8z6C3xKnhPrEkxkwiMVlaJ01RY6b9S8q2mDPMsRnj9McPSR3oRQ
cache-control
no-cache
cf-ray
739ea7f8d8837738-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 1554 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I4XUw-zNQYbHX-3c-hc5UXOYRlJ8mjHTwjXSIaPuxrbO7isgOpi1t7lMXGn-1LCz8qiApY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=3063602964&pi=t.aa~a.3614318550~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280&nras=4&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Nr8Rqbpt4v&p=https%3A//ihealth.in.ua&dtd=46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.21/one-ad/ Frame E491 		84 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hptejf610a8tg8v6pm4vd9a2ft93s3emekxkhbmfhwkd0zb2z18x99r7h2ywq5tarhea5askgmtf5xk07683chwx43rwbkxf3qx6njr8e8re5ygw92sddveg3kq0yjs4jcbvv3khkt0v8qv5yf8f2z6xck5x0zmztp24cw7xzrdn5njgev6qzxp2pfmwz4te9rv40df9pfxf53s66nbf5afh6h1x4jaypf3d89kjr0dys2x7ddz89m7d4fsms3h3r25mfj0hghqhx7gq1kmdvvfm0mktfpfynnhfz3xhtqzkd67g9cmnz8h7wc1nffgabgdywy00b6n7vjj9bdwh178d76gqqdp02pnv4z69q8g7r4e3s8mvygtdqtpzkerant9xspdwea2fntr2mpbk4wd9tevcrknfc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC--lucyb3YuusKJfa3gOWjKXwCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_Qg3M8FIXIe-jBAZ4ZF_RLz-9WOyAW49Y5SOn3PJZkc9HY21I_NYuZuKvn7NmCVskR8svChSfCNNxdy_cdyUr2IbWXLwSz6z2kGZsDOV-GUfMFgucz9VIk-gwHfAF0Osy0OKgH-Gd7Aeo7r0IZSAQhFaHLB3ArDpE0j5eHKYK6QzBDO42YwUovtbqHFTCosGeLSsvFkPznvybSutwRelD4PHhkIQeiNLuR0ZRev9cin1BCgjf1qR7tRL4xWmhjCoAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_24rAaB-J2xV0z1gSFz4aVDzT7r0Q%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hptejf610a8tg8v6pm4vd9a2ft93s3emekxkhbmfhwkd0zb2z18x99r7h2ywq5tarhea5askgmtf5xk07683chwx43rwbkxf3qx6njr8e8re5ygw92sddveg3kq0yjs4jcbvv3khkt0v8qv5yf8f2z6xck5x0zmztp24cw7xzrdn5njgev6qzxp2pfmwz4te9rv40df9pfxf53s66nbf5afh6h1x4jaypf3d89kjr0dys2x7ddz89m7d4fsms3h3r25mfj0hghqhx7gq1kmdvvfm0mktfpfynnhfz3xhtqzkd67g9cmnz8h7wc1nffgabgdywy00b6n7vjj9bdwh178d76gqqdp02pnv4z69q8g7r4e3s8mvygtdqtpzkerant9xspdwea2fntr2mpbk4wd9tevcrknfc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC--lucyb3YuusKJfa3gOWjKXwCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_Qg3M8FIXIe-jBAZ4ZF_RLz-9WOyAW49Y5SOn3PJZkc9HY21I_NYuZuKvn7NmCVskR8svChSfCNNxdy_cdyUr2IbWXLwSz6z2kGZsDOV-GUfMFgucz9VIk-gwHfAF0Osy0OKgH-Gd7Aeo7r0IZSAQhFaHLB3ArDpE0j5eHKYK6QzBDO42YwUovtbqHFTCosGeLSsvFkPznvybSutwRelD4PHhkIQeiNLuR0ZRev9cin1BCgjf1qR7tRL4xWmhjCoAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_24rAaB-J2xV0z1gSFz4aVDzT7r0Q%26client%3Dca-pub-2773044261387404%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
667338
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86749
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Fri, 05 Aug 2022 10:57:46 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
739ea7f8dd184071-LHR
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame E491 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hptejf610a8tg8v6pm4vd9a2ft93s3emekxkhbmfhwkd0zb2z18x99r7h2ywq5tarhea5askgmtf5xk07683chwx43rwbkxf3qx6njr8e8re5ygw92sddveg3kq0yjs4jcbvv3khkt0v8qv5yf8f2z6xck5x0zmztp24cw7xzrdn5njgev6qzxp2pfmwz4te9rv40df9pfxf53s66nbf5afh6h1x4jaypf3d89kjr0dys2x7ddz89m7d4fsms3h3r25mfj0hghqhx7gq1kmdvvfm0mktfpfynnhfz3xhtqzkd67g9cmnz8h7wc1nffgabgdywy00b6n7vjj9bdwh178d76gqqdp02pnv4z69q8g7r4e3s8mvygtdqtpzkerant9xspdwea2fntr2mpbk4wd9tevcrknfc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC--lucyb3YuusKJfa3gOWjKXwCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_Qg3M8FIXIe-jBAZ4ZF_RLz-9WOyAW49Y5SOn3PJZkc9HY21I_NYuZuKvn7NmCVskR8svChSfCNNxdy_cdyUr2IbWXLwSz6z2kGZsDOV-GUfMFgucz9VIk-gwHfAF0Osy0OKgH-Gd7Aeo7r0IZSAQhFaHLB3ArDpE0j5eHKYK6QzBDO42YwUovtbqHFTCosGeLSsvFkPznvybSutwRelD4PHhkIQeiNLuR0ZRev9cin1BCgjf1qR7tRL4xWmhjCoAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_24rAaB-J2xV0z1gSFz4aVDzT7r0Q%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=ts3WBg==, md5=GiVSVFozAzGcRbGa3f2JRw==
date
Sat, 13 Aug 2022 04:20:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61963
x-guploader-uploadid
ADPycdvtiswFq0HeHRzRfgwSvODmG4NM4dmFTs6H5n8CGTjxtSRsmn_8EdECipHb5Z7kAlJpj4xy6eTVDhIVWfeaxLk-cW41lXph
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 27 Jul 2022 10:39:36 GMT
server
cloudflare
etag
W/"1a2552545a3303319c45b19addfd8947"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6fh7VzuRRFbJZraxiNAOr3%2FZ64VE59lvgOqAEaC1jK%2F7KEkNdJJ3QUoG35X65WG%2FCBS8pDR5XH4zLpQWyTp6iJ%2FvXzzlZAiH53H5UDZSTpX6oK9FWfgmtodQ7cwp4FFKHPSuJy4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1658918375991597
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
12021
cf-ray
739ea7f8dd194071-LHR
expires
Fri, 12 Aug 2022 11:07:21 GMT
truncated
/ Frame FCEC 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83b511683d2e99d307573bfde66698419e177225ea60e58b4273d37cbc3a5a76

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 63BD
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEANYNzGRskOPSIby9UQc5jw&google_cver=1&google_push=AehlK4D39OK74MjaOvRGed5sCr--yeEKmpNGMc9-Y8tEA8WCgaOxmIQAP6...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4D39OK74MjaOvRGed5sCr--yeEKmpNGMc9-Y8tEA8WCgaOxmIQAP67VGbB0IfNMJf0oNNZ88Dty3hzElqmKVFSgKnE2QtWaLg&google_hm=-ywNz_skCN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4D39OK74MjaOvRGed5sCr--yeEKmpNGMc9-Y8tEA8WCgaOxmIQAP67VGbB0IfNMJf0oNNZ88Dty3hzElqmKVFSgKnE2QtWaLg&google_hm=-ywNz_skCNJNEkkdhSb1-g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=1987554437&pi=t.aa~a.885858492~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=1&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280%2C362x280&nras=6&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=3636&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uwS3Uas8FP&p=https%3A//ihealth.in.ua&dtd=55
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4D39OK74MjaOvRGed5sCr--yeEKmpNGMc9-Y8tEA8WCgaOxmIQAP67VGbB0IfNMJf0oNNZ88Dty3hzElqmKVFSgKnE2QtWaLg&google_hm=-ywNz_skCNJNEkkdhSb1-g
pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
466606.gif
id.rlcdn.com/ Frame 63BD 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4BdRNRUshD7EmC3-O73NLDUpoBuEDrtANEdVgV-49SjYRzLvwDAC-xJYCeqH23KfVD7oi7UIsYvLiLcure_iiS6X4Nscvi0zw&google_gid=CAESECN3GwGq4X_ZpzXhDFBrxV8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=1987554437&pi=t.aa~a.885858492~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=1&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280%2C362x280&nras=6&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=3636&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uwS3Uas8FP&p=https%3A//ihealth.in.ua&dtd=55
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 63BD
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4Co779O...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTMwNDIwMDQwMDAxNzAzODY2NjE3OA%3D%3D&google_push=AehlK4Co779O1WRR5qQMpIc2XWON8MrFvlxWaGUCBpVY5q5jy6gOsDKv1AaKEUVnsJy2It...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTMwNDIwMDQwMDAxNzAzODY2NjE3OA%3D%3D&google_push=AehlK4Co779O1WRR5qQMpIc2XWON8MrFvlxWaGUCBpVY5q5jy6gOsDKv1AaKEUVnsJy2ItW9YwwQBMlDDvhRxhvH1aziUc8ph7ab5A
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTMwNDIwMDQwMDAxNzAzODY2NjE3OA%3D%3D&google_push=AehlK4Co779O1WRR5qQMpIc2XWON8MrFvlxWaGUCBpVY5q5jy6gOsDKv1AaKEUVnsJy2ItW9YwwQBMlDDvhRxhvH1aziUc8ph7ab5A
pragma
no-cache
date
Sat, 13 Aug 2022 04:20:05 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Sat, 13 Aug 2022 04:20:05 GMT
dds
rtb.openx.net/sync/ Frame 63BD 		43 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEEZweGOTh6y0kVZDOFGI5NA&google_cver=1&google_push=AehlK4BaqV7YHrwHEJIJCpyVfDz7yGXQr9Ecwe4qRXzrIaqaaQrsf7_c2CcMwy8CzZC8UrfjUo9DNB5ncXO2mcmBKHkLDiMg5S1M5A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=1987554437&pi=t.aa~a.885858492~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=1&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280%2C362x280&nras=6&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=3636&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uwS3Uas8FP&p=https%3A//ihealth.in.ua&dtd=55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
tbvge0laq1d7n77j5bfs9jt5mv6e9jkg
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 63BD 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEInrPWBDJuHvXWRGazPgVqo&google_cver=1&google_push=AehlK4DqpfLFK_JJUzkrcmxbaQN8Mhzufle7ovCZ0mPhz1IqpFM98kujrFAcgNl_0-c9hs045_WFSL3N3SeNB3-_6FI3nf5r7hDJ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=1987554437&pi=t.aa~a.885858492~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=1&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280%2C362x280&nras=6&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=3636&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uwS3Uas8FP&p=https%3A//ihealth.in.ua&dtd=55
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 63BD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFAB45zHBCME5gv6BZ9m8vw&google_cver=1&google_push=AehlK4CPOCGbrCV6Jo_lf63IB__jubKaQIwr4GvTZlQumkbRwn50EZYv2H6bys_g4ZExMYAXuQe...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZSRTNJMzQtMU8tRVhSVA==&google_push=AehlK4CPOCGbrCV6Jo_lf63IB__jubKaQIwr4GvTZlQumkbRwn50EZYv2H6bys_g4ZExMYAXuQenfR_gGY-NamAa8LfSINZ75IzGeg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZSRTNJMzQtMU8tRVhSVA==&google_push=AehlK4CPOCGbrCV6Jo_lf63IB__jubKaQIwr4GvTZlQumkbRwn50EZYv2H6bys_g4ZExMYAXuQenfR_gGY-NamAa8LfSINZ75IzGeg
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZSRTNJMzQtMU8tRVhSVA==&google_push=AehlK4CPOCGbrCV6Jo_lf63IB__jubKaQIwr4GvTZlQumkbRwn50EZYv2H6bys_g4ZExMYAXuQenfR_gGY-NamAa8LfSINZ75IzGeg
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame 63BD
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENEG7325RFGpfLfOvXkjK80&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENEG7325RFGpfLfOvXkjK80&google_hm=YvcmdLeqyGW8QlF8slqdIQAABFgAAAIB&google_nid=index&google_push=AehlK4DU0ieCGG3-wkqfZHtKf59nuDVTZ_RmP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENEG7325RFGpfLfOvXkjK80&google_hm=YvcmdLeqyGW8QlF8slqdIQAABFgAAAIB&google_nid=index&google_push=AehlK4DU0ieCGG3-wkqfZHtKf59nuDVTZ_RmP35TuOoNJ5jEOcyEsogYXpDX6NlPSAq5ZDprBjdXPLtJSeGka4bSQm8q5mVoMRJGOg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=1987554437&pi=t.aa~a.885858492~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=1&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280%2C362x280&nras=6&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=3636&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uwS3Uas8FP&p=https%3A//ihealth.in.ua&dtd=55
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wE7Mad08%2BaGCLe91%2BvmcCfI7eEddLKDONmyPYjQeqZ8KcrkW0PuBE%2FGaqefc3x0mnTMV0fQO8%2BLZ4kFlREidU99Kxp%2FZ7O6roF5er8sklbeyk7gSOn3yvCFGYfBwaPjbOzHxzcY822GFMg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENEG7325RFGpfLfOvXkjK80&google_hm=YvcmdLeqyGW8QlF8slqdIQAABFgAAAIB&google_nid=index&google_push=AehlK4DU0ieCGG3-wkqfZHtKf59nuDVTZ_RmP35TuOoNJ5jEOcyEsogYXpDX6NlPSAq5ZDprBjdXPLtJSeGka4bSQm8q5mVoMRJGOg
cache-control
no-cache
cf-ray
739ea7f908b47738-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 63BD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KhWJvsSIsGux8Bztz8dkCkco2qyePJsgppyJAncP4aA1w1zsuJzOWzuJdD2MN2FkMB3hOF
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=1987554437&pi=t.aa~a.885858492~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1843&idt=1&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280%2C362x280&nras=6&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=3636&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uwS3Uas8FP&p=https%3A//ihealth.in.ua&dtd=55
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.21/one-ad/ Frame 7F77 		84 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gqxtgcttfyxbe0vvtmvhv2s4cg7rfe892r9p3hz3kmz27se72ev71hp192fte55ss9k635kjks4exvxerywx2wtex4h0azvy5z905gqfkvgfj7f6krzmy4a7m8vzgxvjh06e8hmwj2pzjnqydsdw01c9nw92vy3saf4db3vyb5728mf3968scme4pzqf7h04bkqj4w5k0yc7afz48ykdz1zw76tkqy9drqtkd1whchz5bk1mjjm1rmvp85mxfm7mb75x9rrycz37zaj6g4dhgazb6ee3844vk35bcc8q2nj4c60hzzfjnmnptvnv4b5nr3dv7pnj2rf9xhg00w37m3m6y23bc469zk6j2f6gjkd7qchrza3qkjbsfyebw9kek7ann2p9qyhpq5tcppyrwptaw25eknbac&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf3Qbcyb3YuuLKLmRjuwPqPOgoAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0EM3be5GUjP9xQ9Ki-PCmDYnC2ZCOTVUyRPas_4yW1fCkNGPHkIKCHbAB_7DaylTzI4C6rcuaSJcOwbosEOh-q-2M4adb4hiG3Jn9qt4sw1-syoTKZZYWSww5lX_B215Gug0dy2TfZvcmew5ztVIBZbAzyy_htkmZ5cxfAIRmQVM8vw33EZZnDVOVqZ3n9Kqt8OtA972oWbHc4RI7CshZLUhj_UCbjoMnTyujdsJLIeOlB8lKpZAgx285f_UtBuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2yC8hlCK2Gw1c_U3NfGrq9aYoymA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gqxtgcttfyxbe0vvtmvhv2s4cg7rfe892r9p3hz3kmz27se72ev71hp192fte55ss9k635kjks4exvxerywx2wtex4h0azvy5z905gqfkvgfj7f6krzmy4a7m8vzgxvjh06e8hmwj2pzjnqydsdw01c9nw92vy3saf4db3vyb5728mf3968scme4pzqf7h04bkqj4w5k0yc7afz48ykdz1zw76tkqy9drqtkd1whchz5bk1mjjm1rmvp85mxfm7mb75x9rrycz37zaj6g4dhgazb6ee3844vk35bcc8q2nj4c60hzzfjnmnptvnv4b5nr3dv7pnj2rf9xhg00w37m3m6y23bc469zk6j2f6gjkd7qchrza3qkjbsfyebw9kek7ann2p9qyhpq5tcppyrwptaw25eknbac&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf3Qbcyb3YuuLKLmRjuwPqPOgoAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0EM3be5GUjP9xQ9Ki-PCmDYnC2ZCOTVUyRPas_4yW1fCkNGPHkIKCHbAB_7DaylTzI4C6rcuaSJcOwbosEOh-q-2M4adb4hiG3Jn9qt4sw1-syoTKZZYWSww5lX_B215Gug0dy2TfZvcmew5ztVIBZbAzyy_htkmZ5cxfAIRmQVM8vw33EZZnDVOVqZ3n9Kqt8OtA972oWbHc4RI7CshZLUhj_UCbjoMnTyujdsJLIeOlB8lKpZAgx285f_UtBuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2yC8hlCK2Gw1c_U3NfGrq9aYoymA%26client%3Dca-pub-2773044261387404%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
667338
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86749
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Fri, 05 Aug 2022 10:57:46 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
739ea7f90d384071-LHR
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame 7F77 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gqxtgcttfyxbe0vvtmvhv2s4cg7rfe892r9p3hz3kmz27se72ev71hp192fte55ss9k635kjks4exvxerywx2wtex4h0azvy5z905gqfkvgfj7f6krzmy4a7m8vzgxvjh06e8hmwj2pzjnqydsdw01c9nw92vy3saf4db3vyb5728mf3968scme4pzqf7h04bkqj4w5k0yc7afz48ykdz1zw76tkqy9drqtkd1whchz5bk1mjjm1rmvp85mxfm7mb75x9rrycz37zaj6g4dhgazb6ee3844vk35bcc8q2nj4c60hzzfjnmnptvnv4b5nr3dv7pnj2rf9xhg00w37m3m6y23bc469zk6j2f6gjkd7qchrza3qkjbsfyebw9kek7ann2p9qyhpq5tcppyrwptaw25eknbac&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf3Qbcyb3YuuLKLmRjuwPqPOgoAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0EM3be5GUjP9xQ9Ki-PCmDYnC2ZCOTVUyRPas_4yW1fCkNGPHkIKCHbAB_7DaylTzI4C6rcuaSJcOwbosEOh-q-2M4adb4hiG3Jn9qt4sw1-syoTKZZYWSww5lX_B215Gug0dy2TfZvcmew5ztVIBZbAzyy_htkmZ5cxfAIRmQVM8vw33EZZnDVOVqZ3n9Kqt8OtA972oWbHc4RI7CshZLUhj_UCbjoMnTyujdsJLIeOlB8lKpZAgx285f_UtBuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2yC8hlCK2Gw1c_U3NfGrq9aYoymA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=ts3WBg==, md5=GiVSVFozAzGcRbGa3f2JRw==
date
Sat, 13 Aug 2022 04:20:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61963
x-guploader-uploadid
ADPycdvtiswFq0HeHRzRfgwSvODmG4NM4dmFTs6H5n8CGTjxtSRsmn_8EdECipHb5Z7kAlJpj4xy6eTVDhIVWfeaxLk-cW41lXph
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 27 Jul 2022 10:39:36 GMT
server
cloudflare
etag
W/"1a2552545a3303319c45b19addfd8947"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGBtpI7l0YVCoHHme8ZEMWHzrEMqh1C78KirVk4diCYFq3g89CMkUvssJ9K17Cj1n8fAnikNlPfGnq1Ae4HjkZMEbwMXOSS6ifqUERFw%2BsRJ4L4438CETmbHZYzxPU6NdzngxS0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1658918375991597
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
12021
cf-ray
739ea7f90d394071-LHR
expires
Fri, 12 Aug 2022 11:07:21 GMT
truncated
/ Frame 7EB0 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4531e95b5c4518f080bfac3f44df5c132080c8f2d1c935c4eab05dad6863214

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 1349
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEANYNzGRskOPSIby9UQc5jw&google_cver=1&google_push=AehlK4DSKtlx8tHPd-Gz97zDgexYZCCUwdcjCiNCCbdyZrHiKJM7c3_BpY...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4DSKtlx8tHPd-Gz97zDgexYZCCUwdcjCiNCCbdyZrHiKJM7c3_BpYU1Pkf-nNXdcPwHmhDQX47vMWZDqCMksWKvYqVdk7A&google_hm=-ywNz_skCNJNE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4DSKtlx8tHPd-Gz97zDgexYZCCUwdcjCiNCCbdyZrHiKJM7c3_BpYU1Pkf-nNXdcPwHmhDQX47vMWZDqCMksWKvYqVdk7A&google_hm=-ywNz_skCNJNEkkdhSb1-g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=2890494635&pi=t.aa~a.3614337803~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1842&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280&nras=5&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nquy9mWzcT&p=https%3A//ihealth.in.ua&dtd=51
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4DSKtlx8tHPd-Gz97zDgexYZCCUwdcjCiNCCbdyZrHiKJM7c3_BpYU1Pkf-nNXdcPwHmhDQX47vMWZDqCMksWKvYqVdk7A&google_hm=-ywNz_skCNJNEkkdhSb1-g
pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1349
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEJi3OMMqQKm3ZQOSdUIlESI&google_cver=1&google_push=AehlK4CkuiA1OGxhoMw5wfZYFbSJqe4gKEFoWdx40aVE5XmHrCzRgxcUiaFpjUUPowEimbEHbiGkkBLWyJSqJQAeqhfuSLaylUw
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4CkuiA1OGxhoMw5wfZYFbSJqe4gKEFoWdx40aVE5XmHrCzRgxcUiaFpjUUPowEimbEHbiGkkBLWyJSqJQAeqhfuSLaylUw&google_hm=Q0FFU0VKaTNPTU1xUUttM1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4CkuiA1OGxhoMw5wfZYFbSJqe4gKEFoWdx40aVE5XmHrCzRgxcUiaFpjUUPowEimbEHbiGkkBLWyJSqJQAeqhfuSLaylUw&google_hm=Q0FFU0VKaTNPTU1xUUttM1pRT1NkVUlsRVNJ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=2890494635&pi=t.aa~a.3614337803~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1842&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280&nras=5&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nquy9mWzcT&p=https%3A//ihealth.in.ua&dtd=51
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 04:20:04 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4CkuiA1OGxhoMw5wfZYFbSJqe4gKEFoWdx40aVE5XmHrCzRgxcUiaFpjUUPowEimbEHbiGkkBLWyJSqJQAeqhfuSLaylUw&google_hm=Q0FFU0VKaTNPTU1xUUttM1pRT1NkVUlsRVNJ
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 1349 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEBMafTP5v3d-IKPL_SgNiVA&google_push=AehlK4DlOedo9VVpxxKxEdaNPPZqRoWqcwfWF2WrEYJwkaBCeYvzioxdXbLYk4GR7nhVcpYqHndjouMxn9vUb6TcKn1VXb2rUAg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=2890494635&pi=t.aa~a.3614337803~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1842&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280&nras=5&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nquy9mWzcT&p=https%3A//ihealth.in.ua&dtd=51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 1349 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEEZweGOTh6y0kVZDOFGI5NA&google_cver=1&google_push=AehlK4Aw36slhLeHuTrRnc-uR6q5-EWHollRhSqqgIbBFA8F4WGtDTWD5JFB270W9o2Mj2FBFyAy8uUgRXzEDX0Y0NNK1VC7gds
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=2890494635&pi=t.aa~a.3614337803~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1842&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280&nras=5&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nquy9mWzcT&p=https%3A//ihealth.in.ua&dtd=51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
0cm3cbdlvdq7khvpkdhds49n9phshjtr
pixel
cm.g.doubleclick.net/ Frame 1349
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFAB45zHBCME5gv6BZ9m8vw&google_cver=1&google_push=AehlK4BZXR7Ygi21ajrS4F1tpA0PAq2CGqUTg2JlUQRXLB90eYiPCu4GmxarRW9cnqoaIuxIesI...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZSRTNJNDAtMVotQkdI&google_push=AehlK4BZXR7Ygi21ajrS4F1tpA0PAq2CGqUTg2JlUQRXLB90eYiPCu4GmxarRW9cnqoaIuxIesIZY4ID1GLqtrI0U4thxJ0T-mo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZSRTNJNDAtMVotQkdI&google_push=AehlK4BZXR7Ygi21ajrS4F1tpA0PAq2CGqUTg2JlUQRXLB90eYiPCu4GmxarRW9cnqoaIuxIesIZY4ID1GLqtrI0U4thxJ0T-mo
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZSRTNJNDAtMVotQkdI&google_push=AehlK4BZXR7Ygi21ajrS4F1tpA0PAq2CGqUTg2JlUQRXLB90eYiPCu4GmxarRW9cnqoaIuxIesIZY4ID1GLqtrI0U4thxJ0T-mo
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame 1349
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENEG7325RFGpfLfOvXkjK80&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENEG7325RFGpfLfOvXkjK80&google_hm=YvcmdLeqyGW8QlF8slqdIQAABFgAAAIB&google_nid=index&google_push=AehlK4B5gyMx-YNSwvrfTlXYN0ZGMRxPPI4RG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENEG7325RFGpfLfOvXkjK80&google_hm=YvcmdLeqyGW8QlF8slqdIQAABFgAAAIB&google_nid=index&google_push=AehlK4B5gyMx-YNSwvrfTlXYN0ZGMRxPPI4RG29f48mZNyf8L0VoB4NJ7jJUVr4rm39ZZtsVZ3hRdUL_2KWayTFxOu3bJXkX8Z8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=2890494635&pi=t.aa~a.3614337803~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1842&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280&nras=5&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nquy9mWzcT&p=https%3A//ihealth.in.ua&dtd=51
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85XNbD0NH%2BIBraJiQ8LwAaI1mZBOzDwyB87iAH3QZ1H7%2FcVyCdhQ2UnyF1avMGmsxna6fG%2F2EjqCT8vIpfcxPwAGcgmRY0d2uYLsHxLVJyuJ9jJu69PHheHAdbXgEdOQBGM4dm8EYp7XNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENEG7325RFGpfLfOvXkjK80&google_hm=YvcmdLeqyGW8QlF8slqdIQAABFgAAAIB&google_nid=index&google_push=AehlK4B5gyMx-YNSwvrfTlXYN0ZGMRxPPI4RG29f48mZNyf8L0VoB4NJ7jJUVr4rm39ZZtsVZ3hRdUL_2KWayTFxOu3bJXkX8Z8
cache-control
no-cache
cf-ray
739ea7f938ec7738-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
googleredir
googlecm.hit.gemius.pl/ Frame 1349 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 1349 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kh1OtJjOGRB-p8nhEaA1B77PzYXyY08hcc8apzhjdQSPfsuXAt-dULRO_44ICik6MOigRFfQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=1897002081&adf=2890494635&pi=t.aa~a.3614337803~rp.3&w=362&fwrn=4&fwrnh=100&lmt=1660364403&rafmt=1&to=qs&pwprc=6907635123&psa=1&format=362x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364403557&bpp=1&bdt=1842&idt=-M&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44c61cc2d4442168-22f48d7ef3cd00b8%3AT%3D1660364402%3ART%3D1660364402%3AS%3DALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg&prev_fmts=0x0%2C1200x280%2C362x280%2C362x280&nras=5&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=2732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&psts=AEC3cPLzITKwMDwYhdz-oiQ9aYhfZZQxaBvmwfFpCf06GSzcTQ2w9lqkDO4ZHnuZlkfVoIxdI7tnOaNSFzpZ7Q&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nquy9mWzcT&p=https%3A//ihealth.in.ua&dtd=51
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 7344 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Sat, 13 Aug 2022 04:20:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25102534
x-guploader-uploadid
ADPycdvwDjW5jdr3hpmzEGdM6ocYLvnfI4_co9YRT1iPnu4DrEndoW4-i-8zZHwjrNkjFcureZIeUag3rEIRkN6YBG8
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0DRwbbRSc7e53ToleJBR3sCNY7Q97ftorOzEN1SdMa8Yr4NJNd8KIJaXBC1EbYkswISc2HR%2FomyivjdFDzKIqXtPF%2B9O8ltHKBXnnZDMCM46XPOf9SgW%2FIuNjNZH3JCBOcOnRQYJ4oN0n1qYvKW%2BfWy"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
739ea7f9adf8770d-LHR
expires
Wed, 26 Oct 2022 15:24:30 GMT
frame.html
ad4m.at/ Frame 60B5 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
1546859
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
739ea7f96d5a4071-LHR
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Sat, 13 Aug 2022 04:20:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sat, 13 Aug 2022 05:20:04 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dhWKjMT8HPyWGylZrQ4EMoHuREqphU%2FjMzvggVnLHlPg2M2hnRKifB0bvhlVNk8d%2BAMnSD3xoTlNyXjl7bp8nL18w3%2FEgloSCZvs%2FusXtMsicGTzRL32%2BulRM5L%2Fw5x%2BY4W03U%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-generation
1588777770164783
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-meta-
x-goog-metageneration
3
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-guploader-uploadid
ADPycdu3KHy4PFC72RtG43UEtEQovtrwHY0ugOVf81yq9UZJlBOsQmsuhmZP1sZPlfHPsfApSgE-p26bakIpeE2SxvvKwnsBwtJZ
rs
ad4m.at/ Frame 8982 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fa8d3f15f6276e75aa726101254e8ad75c6e0637a576f0f864f1552232c19cf

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
739ea7fa2a74071a-LHR
date
Sat, 13 Aug 2022 04:20:04 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ockarir%2BMuflLi0Dezm15c%2F1WEnu6Z4GeVsNg1axzPtd2KR0fhId%2BvXP9O9NpBtwMX95%2B8%2FNLbKv1dMq8dcuNJPXaio9qmVSXBoHxdL4MtnISsmWpNAOZAL8X7tCA%2BDIrauEJEs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
739ea7f9ba30071a-LHR
content-length
24
content-type
text/plain
date
Sat, 13 Aug 2022 04:20:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYWkdBkM0wzixZmqf9QlbnZYKQPKFlUgLoa%2B8ibck4sxtOxenuK0ZvPyht8%2Fe%2BbqieT%2FrKj8QvYF7b8NS6m8URmT4YDIqwrUJ1s2DikisgGXRf3YiRyqq5KVBAjudVnpxJsDKNU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-h8v1
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame E491 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Sat, 13 Aug 2022 04:20:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25102534
x-guploader-uploadid
ADPycdvwDjW5jdr3hpmzEGdM6ocYLvnfI4_co9YRT1iPnu4DrEndoW4-i-8zZHwjrNkjFcureZIeUag3rEIRkN6YBG8
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2FQp%2FhOd692G5klBsGQ7ggBthN8e%2BAnY8NoQE0ijQ2%2B03qXa8IO48CBgQdtpRFmcn5cfUFLt%2BOrj5yttVC6Qfxi9M5w%2FCNY7BiNVT06CE4LLzcrJNXtYhPGt0UK1aCWa40wq9qbzzVJ9AZh%2FbgwU1LoZ"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
739ea7f9adf9770d-LHR
expires
Wed, 26 Oct 2022 15:24:30 GMT
frame.html
ad4m.at/ Frame 6345 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
1546859
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
739ea7f98d6c4071-LHR
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Sat, 13 Aug 2022 04:20:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sat, 13 Aug 2022 05:20:04 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnIHBLptfR71D6S53z6U1QRSuzm4P8zFfNfePxoQ6ndotfCdKUWrGyCRrJCzep1je0XikUFubhzynsc1HmPQ0I7yjWrrritiAuKJWYfWtgcdZqJrSGsjEXgqwggEwPDZ5m%2BLSSg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-generation
1588777770164783
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-meta-
x-goog-metageneration
3
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-guploader-uploadid
ADPycdu3KHy4PFC72RtG43UEtEQovtrwHY0ugOVf81yq9UZJlBOsQmsuhmZP1sZPlfHPsfApSgE-p26bakIpeE2SxvvKwnsBwtJZ
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 7F77 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Sat, 13 Aug 2022 04:20:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25102534
x-guploader-uploadid
ADPycdvwDjW5jdr3hpmzEGdM6ocYLvnfI4_co9YRT1iPnu4DrEndoW4-i-8zZHwjrNkjFcureZIeUag3rEIRkN6YBG8
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06GFa26dkov5vWxZy7mnh3miEV9xYkkyNSV4dpohY3D%2B539JChe1osT5aFY3ceMwnU9sA9scy%2BT7RGu3c32tCLYBRg2AqzjZ4wzd%2BlrxTTpBZcu8m6l6FmDCKqD5sk9Z%2BPT33zMLcg2tGR3v5Krn5pua"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
739ea7f9adf5770d-LHR
expires
Wed, 26 Oct 2022 15:24:30 GMT
frame.html
ad4m.at/ Frame B8EA 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
1546859
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
739ea7f98d704071-LHR
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Sat, 13 Aug 2022 04:20:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sat, 13 Aug 2022 05:20:04 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKk4ySyjhs1cxYC%2Biff28nNgSXy7zVTMhbpAUutJmhdcKpDoMEkO5N3csgCixmgcJCXBfMB0mV3MIP4B71RqPbAhWkgfMqiFTFIplQkV2aswmpOz4PjUq9AulHr7FPynD5v159o%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-generation
1588777770164783
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-meta-
x-goog-metageneration
3
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-guploader-uploadid
ADPycdu3KHy4PFC72RtG43UEtEQovtrwHY0ugOVf81yq9UZJlBOsQmsuhmZP1sZPlfHPsfApSgE-p26bakIpeE2SxvvKwnsBwtJZ
rs
ad4m.at/ Frame 7344 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e56c982172da812fb52e423cad1bfa5e4c5bd296c615dede2934da6ca00972f5

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
739ea7fa4a95071a-LHR
date
Sat, 13 Aug 2022 04:20:04 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJEkOhYRgJEfqX3rknJAo7n%2BuBFW8clue%2BzZWVys%2FU%2Bw2FtE4wBneOSFPTrhA8ZCdHEgJaok4OqTZeaUI0JYG%2F5SC6Y5sHqL0FK8LoUtpSCbEkjkxxaoEw2VQRH9APRzaoa1JKk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
739ea7f9da4a071a-LHR
content-length
24
content-type
text/plain
date
Sat, 13 Aug 2022 04:20:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6WPKIgUpbCX5Svm0Ox0Xc5XlfhqVGEJWfmGxY9qPjoVKO2pO%2BI3RKV07FbPY%2FU9kN5QiGqxhNacoc2BpcfLqVkOFhWLPhQFy13J2NLjlowOaHE5I4OmStfIhzegFYF5yd3fO3XA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame E491 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecd15390328a8a93b9ab92cff79b055582746c296d23a98f13427346b4f2a207

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
739ea7fa5aa1071a-LHR
date
Sat, 13 Aug 2022 04:20:04 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEZ7mfnDz%2BciD7pcTVgiQ04t4aKZVazDN01iqV3vg9QIC0ZQzSdt%2FKymjsz2J4VbELwfBKrhZWbVr1Y3PlPpkrmkY1x0UwAC%2BQsAucsswsjwZaGKuKm9x2hHRpfrxP1nX91hlT4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame 7F77 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a5dd34daf95446ad7e7f0dc8b6d841c3b6252e0bf159b4e89a1db52724ad122

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
739ea7fa5aa3071a-LHR
date
Sat, 13 Aug 2022 04:20:04 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BI5%2F3WxLJq0ly4S8kD1X4X7B5lGo%2FBUnZTQODaZt88oM7nMDsNUZaQxA%2BEQvxtfEEyPDGdYkWOXSIp6WBQKRbAGerNoiAx%2BaUmtm7by4lELGqWSkqjFJ%2Bs3Iu1GvsrTZRjGcNRI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
739ea7f9fa5b071a-LHR
content-length
24
content-type
text/plain
date
Sat, 13 Aug 2022 04:20:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7ejujPepUwDX9XdjrSdNfMrIr1kuIemRYhdIoNLUNVum5R2S9oLqlkuokVUwoDU1ZGXWTnsK1SYJMcYHCGcLBYM2Nh1Jr9knjqgzcstgMe2xTA8Y60tZAjRyocPD55rcSO0Sx4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
739ea7f9fa5e071a-LHR
content-length
24
content-type
text/plain
date
Sat, 13 Aug 2022 04:20:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWRL6YjBJxhZ5bBbo3Z1rqAlHKTLkS%2FYlqOtdPIZun6XEZZ%2BxmF5lRJojCo2aOtgyrufu724roe4BLdnYlJ0HRbKhcsxfhS1EzajpkCREPbARFksaDwzIN%2BfGvXLQKXeIZDWe6k%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-h8v1
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220810&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2773044261387404&plah=ihealth.in.ua&bust=31068911
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
12ea93bb770d55efca925b65c8cfabd5c60364fcb11bc86946c3f106bb0701fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ihealth.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 04:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11263
x-xss-protection
0
rar
as.ad4m.at/ad/ Frame 70ED 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=b89ba2509de6b6582d9619804fa2377c%2F17418033345842782979&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404839&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpwq7yddfagscx16xw1d6whj78a52v2eg7kwdgap1ka1xfaptq6sfrhp1x9jr3n97bxrdy7m5vvagtwdgcf42cfvsxrqr440ngkp6x7va83fgk4q0kd9wzab3hjv2h75mpxr4h6q3smsmg0vvnx2p4xmqh402qwpq1f530t5kx0nv90h1cz7me1mrny372p9wz0800n2vcf41zxt3dw468q9mcvd7eg4ca8zfxr2y7x27v1gcw37bdd29ce8x82wbvbtfzxq33t0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCG-k4cyb3Yp29J6OKjuwP9-ebyAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0FOku-TUHK3DX2YEm8-mx9qTmrtiFfWDTG8N_A71oCbsJsAovoiIx6zRQyM43b1-sLAJDh2imEbNKoh9HfH1DanrqD6LD2aSb-m-qhyt33jDDtIFH6LqJc-yTKCdWXFiTT2y5Sgcu5EWx2w7KDSsJ047cia5mHTlvUM8BiHz4zaUqhv-465msZXlyKeYkmZkD90W6Wunx88HQw25EWx38lbjDba2xTz-ZtxHaeCDjsKWSf9H-vpfSptNZd-TXQuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3O-4FTl0vnkTOD2rn2ka0NOVrIVg%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16b8f08fb7e7a3896bfed2243632919fcf549e724845e93d73c85303dbf386aa
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1jv6n0qndexe282pne0gh813f5a3jh58nh7k3gjj6ypdvh4rddd34xhhnbqpawnf1wqtm1sqrxnkybnbcnwxc4btpnhwwcb8ee9vc2f5r6twhvf69et97c2b81cfqacpk33509r5wjzrwm6sj69jw7763jpvwsrn4rs87nfqzs133p1kt8nyrd5ztvh00ztpest1ejngceshm1ccfy0peqtm6j27eenjt3xk2gepagp3hfgse16cz0f7zx509nb1xpwrd423st9ggzbwbdm0y5gtcam0ardxsnq2s8eqdmcj00w9879jszzwz63q7af6m4qc4326jnnvqw25jm341kabxph2wc50zz9g8aq2b5kz3fw985k80xhrh2r2qy9tenj2jfpt4411pw3drpwv2cn897g5fn3gj4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG-k4cyb3Yp29J6OKjuwP9-ebyAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0FOku-TUHK3DX2YEm8-mx9qTmrtiFfWDTG8N_A71oCbsJsAovoiIx6zRQyM43b1-sLAJDh2imEbNKoh9HfH1DanrqD6LD2aSb-m-qhyt33jDDtIFH6LqJc-yTKCdWXFiTT2y5Sgcu5EWx2w7KDSsJ047cia5mHTlvUM8BiHz4zaUqhv-465msZXlyKeYkmZkD90W6Wunx88HQw25EWx38lbjDba2xTz-ZtxHaeCDjsKWSf9H-vpfSptNZd-TXQuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3O-4FTl0vnkTOD2rn2ka0NOVrIVg%26client%3Dca-pub-2773044261387404%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
739ea7fa9e0b4071-LHR
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 04:20:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 4CC1 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=300&d=250&e=&g=10ac22f0e48509716f7db06ec97913d1%2F14845218969672717723&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404867&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hattehp7e13b9wv10613tfevqehnw6cr2nea2at4jvb6v840kr71y5rznfr4e8ay95v8yzenvsyxyxv0552zjea3kmqwakp82pc572cx5s9wap18w80pdjmeggvetpkc65e4ms8d8pnze69sfmv5m5yg9yb3yqh3eahtv9zsq108tvqcs36erx0t8002j1ej2b4p74b7ah5zwtd9fg432e57tkpamppg1gs2w4ge61aq5pysbr8wvrpdr9fx14zdgcg058x65yzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQOn3cyb3YoeOKMWl3gO5t5-ID5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_QTiRcG5aWCmZeLTn5reNp6JJhP1k5a3JG50PAEM0Xu1qY4HQi4wdGmxx3k3mBPFGg8JamTb5MZA8bT4MMcVSRkg5qOPDsumsyuXj8056-wwaKK40cPjlmh_6czoHS99m1U3tHpMz_wy7MI2iogwG_1pehzVVc-9q0XKGYi5AGcLiRKWPDRTpzO9aFM6s09Mokn4jKyNsZG36WXDlalPRIIhzhtrpq9zvJIG0Gwklc2xz5HxOrLq1WCuccT-ewZ4AG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1qbMbNjdSXGAnlmCmoE15LKyMHHQ%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1caf079743384c7ff33b5da5b688e6c766b81716f2f654494c61df115bc1344
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1jq9y2x0xghxny77pv9ta3vg5w8nx501md4rtgbmvwx9nvmrne7cgt3qmv914r3ygw1vgbd6mznfzmybq2rqe1216tzp0fck2e9mer3cj7bj07m4756reg33bz5fya39nvt32fda0thktfzqc8ybz2x0269t5bq6ncpc4esth4y5jgvzqswtzqz8fk421z6yrfsphxqq3sh0z3jf4brte1pat6g4p9ms2yzghs7csaxpx50eaxnn268skdfjw6axcetkbn4by44d15858s0n965q26pt8b7h39p1c0ehkfa6t8vfbcxhvv8bcnmtx5v1jcty5gcfpdcwp3dkzgrz1xbd2c51750m2s4gzczjk0cfwa8x2vy4b3fg3b89jpcd4fw667br4mpq6m0w747g5fcpcwq7nh0dqg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQOn3cyb3YoeOKMWl3gO5t5-ID5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_QTiRcG5aWCmZeLTn5reNp6JJhP1k5a3JG50PAEM0Xu1qY4HQi4wdGmxx3k3mBPFGg8JamTb5MZA8bT4MMcVSRkg5qOPDsumsyuXj8056-wwaKK40cPjlmh_6czoHS99m1U3tHpMz_wy7MI2iogwG_1pehzVVc-9q0XKGYi5AGcLiRKWPDRTpzO9aFM6s09Mokn4jKyNsZG36WXDlalPRIIhzhtrpq9zvJIG0Gwklc2xz5HxOrLq1WCuccT-ewZ4AG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1qbMbNjdSXGAnlmCmoE15LKyMHHQ%26client%3Dca-pub-2773044261387404%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
739ea7fabe254071-LHR
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 04:20:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 182A 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=197101%2C195017%2C13833&b=7QZTqfzfje9btrHXHgtAtVVef4S1Tr9ZuM%2C2beH6fqfjA7xtVHWHkt8txx5FxS7T7G4fg%2C7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuM&f=EjeTDfEfEJYpFzHAHjt6C441HKSVTZAGT7%2C4rehEf5fAQEZcGH9HdtzCmm7abSpTr6XuK%2CEjeTDfEfAJktzHAHjt6CQXYuKSVTZAGT7&c=300&d=250&e=&g=3841f6ec95593366f0edee51625e194f%2F15806231829833210206&i=20774%2C20773%2C17743&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404869&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjxd6rk5nrdbkvkrq7ct1kjnqj5qxzgwx4e90xcgpktfwk8k0xc70sj7ks85z4e5we3r9248sf42g0kgt2w8cnn2anb1y4b3xvj4y5z050cbzazt0rcxcgr4gpbeayjbz86vvk74rt16pxxj2xxknamz8htj2673z63hfea6c1n068szgrbhz5tccfzqdqj4eb3h6y8qs8tt3a5fv064ckb3evr9wbtdjtgxnzktnabvd9twmgjfpvx9sneksh2fpd9qbyjej6ha%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC--lucyb3YuusKJfa3gOWjKXwCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_Qg3M8FIXIe-jBAZ4ZF_RLz-9WOyAW49Y5SOn3PJZkc9HY21I_NYuZuKvn7NmCVskR8svChSfCNNxdy_cdyUr2IbWXLwSz6z2kGZsDOV-GUfMFgucz9VIk-gwHfAF0Osy0OKgH-Gd7Aeo7r0IZSAQhFaHLB3ArDpE0j5eHKYK6QzBDO42YwUovtbqHFTCosGeLSsvFkPznvybSutwRelD4PHhkIQeiNLuR0ZRev9cin1BCgjf1qR7tRL4xWmhjCoAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_24rAaB-J2xV0z1gSFz4aVDzT7r0Q%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
802c17d130f18df30a94c9877f2ce91c220b1afbb5295bfa7462d5e83503fd21
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1hptejf610a8tg8v6pm4vd9a2ft93s3emekxkhbmfhwkd0zb2z18x99r7h2ywq5tarhea5askgmtf5xk07683chwx43rwbkxf3qx6njr8e8re5ygw92sddveg3kq0yjs4jcbvv3khkt0v8qv5yf8f2z6xck5x0zmztp24cw7xzrdn5njgev6qzxp2pfmwz4te9rv40df9pfxf53s66nbf5afh6h1x4jaypf3d89kjr0dys2x7ddz89m7d4fsms3h3r25mfj0hghqhx7gq1kmdvvfm0mktfpfynnhfz3xhtqzkd67g9cmnz8h7wc1nffgabgdywy00b6n7vjj9bdwh178d76gqqdp02pnv4z69q8g7r4e3s8mvygtdqtpzkerant9xspdwea2fntr2mpbk4wd9tevcrknfc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC--lucyb3YuusKJfa3gOWjKXwCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_Qg3M8FIXIe-jBAZ4ZF_RLz-9WOyAW49Y5SOn3PJZkc9HY21I_NYuZuKvn7NmCVskR8svChSfCNNxdy_cdyUr2IbWXLwSz6z2kGZsDOV-GUfMFgucz9VIk-gwHfAF0Osy0OKgH-Gd7Aeo7r0IZSAQhFaHLB3ArDpE0j5eHKYK6QzBDO42YwUovtbqHFTCosGeLSsvFkPznvybSutwRelD4PHhkIQeiNLuR0ZRev9cin1BCgjf1qR7tRL4xWmhjCoAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_24rAaB-J2xV0z1gSFz4aVDzT7r0Q%26client%3Dca-pub-2773044261387404%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
739ea7face284071-LHR
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 04:20:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2773044261387404&plah=ihealth.in.ua&bust=31068911
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ihealth.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Aug 2022 04:20:05 GMT
rar
as.ad4m.at/ad/ Frame E740 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=56666%2C19840%2C186460&b=ZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ%2CVx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQ%2Cq4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3&f=9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td%2Cm3AsefGfARbfmHZHZtQC6rQtKSwTX8AfA%2CRx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7&c=300&d=250&e=&g=8a46b0260311765c2d3f8ed8a8ffb886%2F13858795519741038375&i=22427%2C22610%2C25174&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsm9zp1468xmt3jyt7dk4v5wpzwqhgk10bsjns8nfydcp42angsrtsq5sf2abvg4cxb9wbrzseqbnhr31vq644w9vhpbm32sev9nmnh7r6brd7vq8vjagb881nbh97jvr702jxpw71m9a5j2dr6ab835jt9xn98e5a0e3ekahvxdajwvpsf1h2nq74s0e2attk3s68a2epw1kbantf2f8vj327s5wp14x8575f3062fj31qygszk5mcx52rrky5n75v8q4ma617p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCf3Qbcyb3YuuLKLmRjuwPqPOgoAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0EM3be5GUjP9xQ9Ki-PCmDYnC2ZCOTVUyRPas_4yW1fCkNGPHkIKCHbAB_7DaylTzI4C6rcuaSJcOwbosEOh-q-2M4adb4hiG3Jn9qt4sw1-syoTKZZYWSww5lX_B215Gug0dy2TfZvcmew5ztVIBZbAzyy_htkmZ5cxfAIRmQVM8vw33EZZnDVOVqZ3n9Kqt8OtA972oWbHc4RI7CshZLUhj_UCbjoMnTyujdsJLIeOlB8lKpZAgx285f_UtBuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2yC8hlCK2Gw1c_U3NfGrq9aYoymA%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3368716471f5141dc5e9985d22080be939d35e2938d251c524c9917a1431ecfc
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1gqxtgcttfyxbe0vvtmvhv2s4cg7rfe892r9p3hz3kmz27se72ev71hp192fte55ss9k635kjks4exvxerywx2wtex4h0azvy5z905gqfkvgfj7f6krzmy4a7m8vzgxvjh06e8hmwj2pzjnqydsdw01c9nw92vy3saf4db3vyb5728mf3968scme4pzqf7h04bkqj4w5k0yc7afz48ykdz1zw76tkqy9drqtkd1whchz5bk1mjjm1rmvp85mxfm7mb75x9rrycz37zaj6g4dhgazb6ee3844vk35bcc8q2nj4c60hzzfjnmnptvnv4b5nr3dv7pnj2rf9xhg00w37m3m6y23bc469zk6j2f6gjkd7qchrza3qkjbsfyebw9kek7ann2p9qyhpq5tcppyrwptaw25eknbac&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf3Qbcyb3YuuLKLmRjuwPqPOgoAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0EM3be5GUjP9xQ9Ki-PCmDYnC2ZCOTVUyRPas_4yW1fCkNGPHkIKCHbAB_7DaylTzI4C6rcuaSJcOwbosEOh-q-2M4adb4hiG3Jn9qt4sw1-syoTKZZYWSww5lX_B215Gug0dy2TfZvcmew5ztVIBZbAzyy_htkmZ5cxfAIRmQVM8vw33EZZnDVOVqZ3n9Kqt8OtA972oWbHc4RI7CshZLUhj_UCbjoMnTyujdsJLIeOlB8lKpZAgx285f_UtBuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2yC8hlCK2Gw1c_U3NfGrq9aYoymA%26client%3Dca-pub-2773044261387404%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
739ea7fade324071-LHR
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 04:20:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.21/one-ad/ Frame 70ED 		84 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=b89ba2509de6b6582d9619804fa2377c%2F17418033345842782979&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404839&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpwq7yddfagscx16xw1d6whj78a52v2eg7kwdgap1ka1xfaptq6sfrhp1x9jr3n97bxrdy7m5vvagtwdgcf42cfvsxrqr440ngkp6x7va83fgk4q0kd9wzab3hjv2h75mpxr4h6q3smsmg0vvnx2p4xmqh402qwpq1f530t5kx0nv90h1cz7me1mrny372p9wz0800n2vcf41zxt3dw468q9mcvd7eg4ca8zfxr2y7x27v1gcw37bdd29ce8x82wbvbtfzxq33t0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCG-k4cyb3Yp29J6OKjuwP9-ebyAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0FOku-TUHK3DX2YEm8-mx9qTmrtiFfWDTG8N_A71oCbsJsAovoiIx6zRQyM43b1-sLAJDh2imEbNKoh9HfH1DanrqD6LD2aSb-m-qhyt33jDDtIFH6LqJc-yTKCdWXFiTT2y5Sgcu5EWx2w7KDSsJ047cia5mHTlvUM8BiHz4zaUqhv-465msZXlyKeYkmZkD90W6Wunx88HQw25EWx38lbjDba2xTz-ZtxHaeCDjsKWSf9H-vpfSptNZd-TXQuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3O-4FTl0vnkTOD2rn2ka0NOVrIVg%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=b89ba2509de6b6582d9619804fa2377c%2F17418033345842782979&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404839&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpwq7yddfagscx16xw1d6whj78a52v2eg7kwdgap1ka1xfaptq6sfrhp1x9jr3n97bxrdy7m5vvagtwdgcf42cfvsxrqr440ngkp6x7va83fgk4q0kd9wzab3hjv2h75mpxr4h6q3smsmg0vvnx2p4xmqh402qwpq1f530t5kx0nv90h1cz7me1mrny372p9wz0800n2vcf41zxt3dw468q9mcvd7eg4ca8zfxr2y7x27v1gcw37bdd29ce8x82wbvbtfzxq33t0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCG-k4cyb3Yp29J6OKjuwP9-ebyAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0FOku-TUHK3DX2YEm8-mx9qTmrtiFfWDTG8N_A71oCbsJsAovoiIx6zRQyM43b1-sLAJDh2imEbNKoh9HfH1DanrqD6LD2aSb-m-qhyt33jDDtIFH6LqJc-yTKCdWXFiTT2y5Sgcu5EWx2w7KDSsJ047cia5mHTlvUM8BiHz4zaUqhv-465msZXlyKeYkmZkD90W6Wunx88HQw25EWx38lbjDba2xTz-ZtxHaeCDjsKWSf9H-vpfSptNZd-TXQuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3O-4FTl0vnkTOD2rn2ka0NOVrIVg%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
667338
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86749
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Fri, 05 Aug 2022 10:57:46 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
739ea7fb1e5a4071-LHR
cf-bgj
minify
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 70ED 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=b89ba2509de6b6582d9619804fa2377c%2F17418033345842782979&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404839&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpwq7yddfagscx16xw1d6whj78a52v2eg7kwdgap1ka1xfaptq6sfrhp1x9jr3n97bxrdy7m5vvagtwdgcf42cfvsxrqr440ngkp6x7va83fgk4q0kd9wzab3hjv2h75mpxr4h6q3smsmg0vvnx2p4xmqh402qwpq1f530t5kx0nv90h1cz7me1mrny372p9wz0800n2vcf41zxt3dw468q9mcvd7eg4ca8zfxr2y7x27v1gcw37bdd29ce8x82wbvbtfzxq33t0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCG-k4cyb3Yp29J6OKjuwP9-ebyAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0FOku-TUHK3DX2YEm8-mx9qTmrtiFfWDTG8N_A71oCbsJsAovoiIx6zRQyM43b1-sLAJDh2imEbNKoh9HfH1DanrqD6LD2aSb-m-qhyt33jDDtIFH6LqJc-yTKCdWXFiTT2y5Sgcu5EWx2w7KDSsJ047cia5mHTlvUM8BiHz4zaUqhv-465msZXlyKeYkmZkD90W6Wunx88HQw25EWx38lbjDba2xTz-ZtxHaeCDjsKWSf9H-vpfSptNZd-TXQuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3O-4FTl0vnkTOD2rn2ka0NOVrIVg%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date
Sat, 13 Aug 2022 04:20:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
215765
cf-polished
qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid
ADPycdu8ecfitr_yC8Vq7bSQJQ5rMLC9TNiyKV4cEMWEa9qSNB5RFNPCAdTzbH_0yagA4w2q4YiTHr56zWw3AxJXN_kRRe_T8nSq
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8354
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FdD%2BvcYWP6NmaY4zRpONl%2FV8bpDT3JTy%2Fwa8DOUU5Lb%2FbkUrDVLJH3OXIHWjIhXdAtpDEZlfeo%2Ffs1NIFfxcoRMdFJGOgLvnjHIjxJIjOMiQcYo4TdhOihKKB1pNgcatftvhs%2BoDFVrT8B2"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698787150900
content-type
image/webp
expires
Sun, 14 Aug 2022 04:20:04 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
16723
accept-ranges
bytes
cf-ray
739ea7fb2f6006b2-LHR
cf-bgj
imgq:85,h2pri
18B94174251C2CF76EA99FD460FAC2CAEA3A9035BC0DAFA1AFA37FFB175B78880F10C9B121A8ACC31AC23630DA7466A11649951F161682DA76B2C6E951030B12
assets.ad4m.at/product_image/ Frame 70ED 		317 KB
318 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/18B94174251C2CF76EA99FD460FAC2CAEA3A9035BC0DAFA1AFA37FFB175B78880F10C9B121A8ACC31AC23630DA7466A11649951F161682DA76B2C6E951030B12
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=b89ba2509de6b6582d9619804fa2377c%2F17418033345842782979&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404839&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpwq7yddfagscx16xw1d6whj78a52v2eg7kwdgap1ka1xfaptq6sfrhp1x9jr3n97bxrdy7m5vvagtwdgcf42cfvsxrqr440ngkp6x7va83fgk4q0kd9wzab3hjv2h75mpxr4h6q3smsmg0vvnx2p4xmqh402qwpq1f530t5kx0nv90h1cz7me1mrny372p9wz0800n2vcf41zxt3dw468q9mcvd7eg4ca8zfxr2y7x27v1gcw37bdd29ce8x82wbvbtfzxq33t0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCG-k4cyb3Yp29J6OKjuwP9-ebyAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0FOku-TUHK3DX2YEm8-mx9qTmrtiFfWDTG8N_A71oCbsJsAovoiIx6zRQyM43b1-sLAJDh2imEbNKoh9HfH1DanrqD6LD2aSb-m-qhyt33jDDtIFH6LqJc-yTKCdWXFiTT2y5Sgcu5EWx2w7KDSsJ047cia5mHTlvUM8BiHz4zaUqhv-465msZXlyKeYkmZkD90W6Wunx88HQw25EWx38lbjDba2xTz-ZtxHaeCDjsKWSf9H-vpfSptNZd-TXQuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3O-4FTl0vnkTOD2rn2ka0NOVrIVg%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bcef052d0d99b56c7a9b9b0ce076ca020219e6ecccad2b46b0267ffc2fc8bc8

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=h0Ee3A==, md5=fa2j8/YyGn7kutxTsR2h8w==
date
Sat, 13 Aug 2022 04:20:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204620
cf-polished
origFmt=png, origSize=451997
x-guploader-uploadid
ADPycdvomb-wOk0wklqs9qkH7MWFmGYOhlF7VGyoQC-esXYMFQFRmpD9V4mu3lQn2nsAugIYGIj_ldJKTEyi8WMRS8wVng
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
324760
last-modified
Tue, 14 Jun 2022 08:21:28 GMT
server
cloudflare
etag
"7dada3f3f6321a7ee4badc53b11da1f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNWFRm4h3EkDotWEaucgREIfCGdCvUPy2KjDH8z4DHMH%2FT%2Beyi65UZOa7JbB1SiHC%2BHAMkKZ8F6hESI3pP81Da%2BcSlRyoTXCbkZIt%2Bl1SxS7eq7fa8VqcMKcCe5CassomOPFylESyxOJbJit"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655194888130368
content-type
image/webp
expires
Sun, 14 Aug 2022 04:20:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
451997
accept-ranges
bytes
cf-ray
739ea7fb2f5e06b2-LHR
cf-bgj
imgq:85,h2pri
/
banner.congstar.de/cookie/ Frame 70ED
Redirect Chain
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidGjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tEoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1660364405_353820e0-1abf-11ed-94b9-2265b3bf8141
0
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1660364405_353820e0-1abf-11ed-94b9-2265b3bf8141
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=b89ba2509de6b6582d9619804fa2377c%2F17418033345842782979&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404839&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpwq7yddfagscx16xw1d6whj78a52v2eg7kwdgap1ka1xfaptq6sfrhp1x9jr3n97bxrdy7m5vvagtwdgcf42cfvsxrqr440ngkp6x7va83fgk4q0kd9wzab3hjv2h75mpxr4h6q3smsmg0vvnx2p4xmqh402qwpq1f530t5kx0nv90h1cz7me1mrny372p9wz0800n2vcf41zxt3dw468q9mcvd7eg4ca8zfxr2y7x27v1gcw37bdd29ce8x82wbvbtfzxq33t0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCG-k4cyb3Yp29J6OKjuwP9-ebyAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0FOku-TUHK3DX2YEm8-mx9qTmrtiFfWDTG8N_A71oCbsJsAovoiIx6zRQyM43b1-sLAJDh2imEbNKoh9HfH1DanrqD6LD2aSb-m-qhyt33jDDtIFH6LqJc-yTKCdWXFiTT2y5Sgcu5EWx2w7KDSsJ047cia5mHTlvUM8BiHz4zaUqhv-465msZXlyKeYkmZkD90W6Wunx88HQw25EWx38lbjDba2xTz-ZtxHaeCDjsKWSf9H-vpfSptNZd-TXQuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3O-4FTl0vnkTOD2rn2ka0NOVrIVg%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.77.139.251.148.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 04:20:05 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0

Redirect headers

Date
Sat, 13 Aug 2022 04:20:05 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1660364405_353820e0-1abf-11ed-94b9-2265b3bf8141
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 70ED 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=b89ba2509de6b6582d9619804fa2377c%2F17418033345842782979&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404839&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpwq7yddfagscx16xw1d6whj78a52v2eg7kwdgap1ka1xfaptq6sfrhp1x9jr3n97bxrdy7m5vvagtwdgcf42cfvsxrqr440ngkp6x7va83fgk4q0kd9wzab3hjv2h75mpxr4h6q3smsmg0vvnx2p4xmqh402qwpq1f530t5kx0nv90h1cz7me1mrny372p9wz0800n2vcf41zxt3dw468q9mcvd7eg4ca8zfxr2y7x27v1gcw37bdd29ce8x82wbvbtfzxq33t0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCG-k4cyb3Yp29J6OKjuwP9-ebyAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0FOku-TUHK3DX2YEm8-mx9qTmrtiFfWDTG8N_A71oCbsJsAovoiIx6zRQyM43b1-sLAJDh2imEbNKoh9HfH1DanrqD6LD2aSb-m-qhyt33jDDtIFH6LqJc-yTKCdWXFiTT2y5Sgcu5EWx2w7KDSsJ047cia5mHTlvUM8BiHz4zaUqhv-465msZXlyKeYkmZkD90W6Wunx88HQw25EWx38lbjDba2xTz-ZtxHaeCDjsKWSf9H-vpfSptNZd-TXQuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3O-4FTl0vnkTOD2rn2ka0NOVrIVg%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Sat, 13 Aug 2022 04:20:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
211361
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ADPycdvve554nssWLTi59e62jf2VM6lGUqbYnZ5Gt2qV9JiM8qP2E_Yj9mvjmP0APRwwCt1qskLP6-lJaLI8E8ILe5BxlQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uzTI6aNgUd9yJHSppnwU6I6n8b0moqZK0pZhdpQDZxs3N9ympZOqEIz4ex8Wnz1jElKUdgivWjs4Ac%2BXkO5UYaJsyHe9%2FbtreSF%2Bv2uDe9oqZSGqilWOInYp1RP8EUW4uCrYvf4b%2B90TuBQ"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Sun, 14 Aug 2022 04:20:04 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
739ea7fb2f5a06b2-LHR
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 70ED 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=b89ba2509de6b6582d9619804fa2377c%2F17418033345842782979&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404839&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpwq7yddfagscx16xw1d6whj78a52v2eg7kwdgap1ka1xfaptq6sfrhp1x9jr3n97bxrdy7m5vvagtwdgcf42cfvsxrqr440ngkp6x7va83fgk4q0kd9wzab3hjv2h75mpxr4h6q3smsmg0vvnx2p4xmqh402qwpq1f530t5kx0nv90h1cz7me1mrny372p9wz0800n2vcf41zxt3dw468q9mcvd7eg4ca8zfxr2y7x27v1gcw37bdd29ce8x82wbvbtfzxq33t0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCG-k4cyb3Yp29J6OKjuwP9-ebyAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0FOku-TUHK3DX2YEm8-mx9qTmrtiFfWDTG8N_A71oCbsJsAovoiIx6zRQyM43b1-sLAJDh2imEbNKoh9HfH1DanrqD6LD2aSb-m-qhyt33jDDtIFH6LqJc-yTKCdWXFiTT2y5Sgcu5EWx2w7KDSsJ047cia5mHTlvUM8BiHz4zaUqhv-465msZXlyKeYkmZkD90W6Wunx88HQw25EWx38lbjDba2xTz-ZtxHaeCDjsKWSf9H-vpfSptNZd-TXQuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3O-4FTl0vnkTOD2rn2ka0NOVrIVg%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Sat, 13 Aug 2022 04:20:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1529852
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ADPycdusqPbP08HyPZglqU1h0LHxxLxaVZ4eSQ8L-HDrMWBqwdmIeQPfXvT95EjfDxTUqj_zV7nOd1YGq057l8mBykc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85727
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kn5NLUCkfJfziljlUS1ILXVZ8F9i2NXprTpyTH%2FQCkRJLsu9G3rCHdOJW8TC%2BcLST8m%2Fgq5%2FZEJavps3ZecSVGqSHUoGRFFUMz6sU%2BxxmCw25aVfxtoPZic6Cl%2Fft4jHD79KDh%2FUU29ZxuZ9"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Sun, 14 Aug 2022 04:20:04 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
739ea7fb2f5806b2-LHR
cf-bgj
imgq:85,h2pri
CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame 70ED 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=b89ba2509de6b6582d9619804fa2377c%2F17418033345842782979&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404839&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpwq7yddfagscx16xw1d6whj78a52v2eg7kwdgap1ka1xfaptq6sfrhp1x9jr3n97bxrdy7m5vvagtwdgcf42cfvsxrqr440ngkp6x7va83fgk4q0kd9wzab3hjv2h75mpxr4h6q3smsmg0vvnx2p4xmqh402qwpq1f530t5kx0nv90h1cz7me1mrny372p9wz0800n2vcf41zxt3dw468q9mcvd7eg4ca8zfxr2y7x27v1gcw37bdd29ce8x82wbvbtfzxq33t0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCG-k4cyb3Yp29J6OKjuwP9-ebyAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0FOku-TUHK3DX2YEm8-mx9qTmrtiFfWDTG8N_A71oCbsJsAovoiIx6zRQyM43b1-sLAJDh2imEbNKoh9HfH1DanrqD6LD2aSb-m-qhyt33jDDtIFH6LqJc-yTKCdWXFiTT2y5Sgcu5EWx2w7KDSsJ047cia5mHTlvUM8BiHz4zaUqhv-465msZXlyKeYkmZkD90W6Wunx88HQw25EWx38lbjDba2xTz-ZtxHaeCDjsKWSf9H-vpfSptNZd-TXQuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3O-4FTl0vnkTOD2rn2ka0NOVrIVg%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=kzpU3g==, md5=rZM0ZkUU2QCgw7dtF8qWDw==
date
Sat, 13 Aug 2022 04:20:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
285388
cf-polished
origFmt=png, origSize=39979
x-guploader-uploadid
ADPycdsS5ITPZ9qKuiDkWzpOv6R92sKRoBCnik5hjp6JXk0esfqkVX0IaAaQNFH7OHD24gCwGR8zfQVhHUBeSJbkGC3FNOqOG1pY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15996
last-modified
Wed, 22 Jan 2020 13:07:55 GMT
server
cloudflare
etag
"ad9334664514d900a0c3b76d17ca960f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cYBdVrkS0umdAE3uono%2Bg1MR%2FiPo915fo%2FaumVmE%2FLxZQX0xbF5SmYYc1%2FABjDpVdM1sJ2DPlwyPB0hZDMRHr5PyRTak%2Frv2CpfOvj1UoOJL6csJyejPqOrM9DGvmyrKA43BxrwHkojU3Ckw"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698475785088
content-type
image/webp
expires
Sun, 14 Aug 2022 04:20:04 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
39979
accept-ranges
bytes
cf-ray
739ea7fb2f5c06b2-LHR
cf-bgj
imgq:85,h2pri
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 70ED 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=b89ba2509de6b6582d9619804fa2377c%2F17418033345842782979&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404839&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpwq7yddfagscx16xw1d6whj78a52v2eg7kwdgap1ka1xfaptq6sfrhp1x9jr3n97bxrdy7m5vvagtwdgcf42cfvsxrqr440ngkp6x7va83fgk4q0kd9wzab3hjv2h75mpxr4h6q3smsmg0vvnx2p4xmqh402qwpq1f530t5kx0nv90h1cz7me1mrny372p9wz0800n2vcf41zxt3dw468q9mcvd7eg4ca8zfxr2y7x27v1gcw37bdd29ce8x82wbvbtfzxq33t0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCG-k4cyb3Yp29J6OKjuwP9-ebyAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0FOku-TUHK3DX2YEm8-mx9qTmrtiFfWDTG8N_A71oCbsJsAovoiIx6zRQyM43b1-sLAJDh2imEbNKoh9HfH1DanrqD6LD2aSb-m-qhyt33jDDtIFH6LqJc-yTKCdWXFiTT2y5Sgcu5EWx2w7KDSsJ047cia5mHTlvUM8BiHz4zaUqhv-465msZXlyKeYkmZkD90W6Wunx88HQw25EWx38lbjDba2xTz-ZtxHaeCDjsKWSf9H-vpfSptNZd-TXQuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3O-4FTl0vnkTOD2rn2ka0NOVrIVg%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=KioGiw==, md5=gsfeD0L/Vf3QrMB3MWZAMQ==
date
Sat, 13 Aug 2022 04:20:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213626
cf-polished
origFmt=png, origSize=342797
x-guploader-uploadid
ADPycdu8uIjXgZXWmXPFumoiSyOIOHlLmQf5WBvb_XYqRbCPqajxXyERNIj9btrTBmaOGhHTpszj_vKC9v_DhEMkdWrMtQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226950
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4rAB0aNu1fTNtS03lWUUz7iVhBv0kCmw7BDvUOa052X9rI7fopxyuYgmKSKW9xljAc77U1zbqp7u1sRYwabFxfdVwAxjnsnmud5Tk1UOqp8F%2BlKsKciWU3Z1jgALRWdrSdFErelkGfTmafu"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655301671870263
content-type
image/webp
expires
Sun, 14 Aug 2022 04:20:04 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
342797
accept-ranges
bytes
cf-ray
739ea7fb2f5f06b2-LHR
cf-bgj
imgq:85,h2pri
ztpv.php
www.conrad.de/ Frame 70ED
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.zenaps.com/cshow.php?pvr=353ab8f1-1abf-11ed-80d0-22316432dc67&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&g...
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1660364405_353ab8f1-1abf-11ed-80d0-22316432dc67&insert=AW&&gdpr=0&gdpr_consent=
0
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1660364405_353ab8f1-1abf-11ed-80d0-22316432dc67&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=b89ba2509de6b6582d9619804fa2377c%2F17418033345842782979&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404839&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpwq7yddfagscx16xw1d6whj78a52v2eg7kwdgap1ka1xfaptq6sfrhp1x9jr3n97bxrdy7m5vvagtwdgcf42cfvsxrqr440ngkp6x7va83fgk4q0kd9wzab3hjv2h75mpxr4h6q3smsmg0vvnx2p4xmqh402qwpq1f530t5kx0nv90h1cz7me1mrny372p9wz0800n2vcf41zxt3dw468q9mcvd7eg4ca8zfxr2y7x27v1gcw37bdd29ce8x82wbvbtfzxq33t0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCG-k4cyb3Yp29J6OKjuwP9-ebyAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0FOku-TUHK3DX2YEm8-mx9qTmrtiFfWDTG8N_A71oCbsJsAovoiIx6zRQyM43b1-sLAJDh2imEbNKoh9HfH1DanrqD6LD2aSb-m-qhyt33jDDtIFH6LqJc-yTKCdWXFiTT2y5Sgcu5EWx2w7KDSsJ047cia5mHTlvUM8BiHz4zaUqhv-465msZXlyKeYkmZkD90W6Wunx88HQw25EWx38lbjDba2xTz-ZtxHaeCDjsKWSf9H-vpfSptNZd-TXQuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3O-4FTl0vnkTOD2rn2ka0NOVrIVg%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:05 GMT
via
1.1 varnish (Varnish/6.6)
cf-cache-status
DYNAMIC
server
cloudflare
age
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
content-type
text/html; charset=UTF-8
content-encoding
br
cache-control
no-cache
x-varnish
376461948
server-timing
intid;desc=1304ce71f0dc996f
cf-ray
739ea7ffdef588b3-LHR
expires
-1

Redirect headers

Date
Sat, 13 Aug 2022 04:20:05 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1660364405_353ab8f1-1abf-11ed-80d0-22316432dc67&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
default.css
as.ad4m.at/ad/style/0.1.21/one-ad/ Frame 4CC1 		84 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=300&d=250&e=&g=10ac22f0e48509716f7db06ec97913d1%2F14845218969672717723&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404867&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hattehp7e13b9wv10613tfevqehnw6cr2nea2at4jvb6v840kr71y5rznfr4e8ay95v8yzenvsyxyxv0552zjea3kmqwakp82pc572cx5s9wap18w80pdjmeggvetpkc65e4ms8d8pnze69sfmv5m5yg9yb3yqh3eahtv9zsq108tvqcs36erx0t8002j1ej2b4p74b7ah5zwtd9fg432e57tkpamppg1gs2w4ge61aq5pysbr8wvrpdr9fx14zdgcg058x65yzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQOn3cyb3YoeOKMWl3gO5t5-ID5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_QTiRcG5aWCmZeLTn5reNp6JJhP1k5a3JG50PAEM0Xu1qY4HQi4wdGmxx3k3mBPFGg8JamTb5MZA8bT4MMcVSRkg5qOPDsumsyuXj8056-wwaKK40cPjlmh_6czoHS99m1U3tHpMz_wy7MI2iogwG_1pehzVVc-9q0XKGYi5AGcLiRKWPDRTpzO9aFM6s09Mokn4jKyNsZG36WXDlalPRIIhzhtrpq9zvJIG0Gwklc2xz5HxOrLq1WCuccT-ewZ4AG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1qbMbNjdSXGAnlmCmoE15LKyMHHQ%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=300&d=250&e=&g=10ac22f0e48509716f7db06ec97913d1%2F14845218969672717723&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404867&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hattehp7e13b9wv10613tfevqehnw6cr2nea2at4jvb6v840kr71y5rznfr4e8ay95v8yzenvsyxyxv0552zjea3kmqwakp82pc572cx5s9wap18w80pdjmeggvetpkc65e4ms8d8pnze69sfmv5m5yg9yb3yqh3eahtv9zsq108tvqcs36erx0t8002j1ej2b4p74b7ah5zwtd9fg432e57tkpamppg1gs2w4ge61aq5pysbr8wvrpdr9fx14zdgcg058x65yzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQOn3cyb3YoeOKMWl3gO5t5-ID5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_QTiRcG5aWCmZeLTn5reNp6JJhP1k5a3JG50PAEM0Xu1qY4HQi4wdGmxx3k3mBPFGg8JamTb5MZA8bT4MMcVSRkg5qOPDsumsyuXj8056-wwaKK40cPjlmh_6czoHS99m1U3tHpMz_wy7MI2iogwG_1pehzVVc-9q0XKGYi5AGcLiRKWPDRTpzO9aFM6s09Mokn4jKyNsZG36WXDlalPRIIhzhtrpq9zvJIG0Gwklc2xz5HxOrLq1WCuccT-ewZ4AG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1qbMbNjdSXGAnlmCmoE15LKyMHHQ%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:05 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
667339
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86749
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Fri, 05 Aug 2022 10:57:46 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
739ea7fb4e7e4071-LHR
cf-bgj
minify
F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame 4CC1 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=300&d=250&e=&g=10ac22f0e48509716f7db06ec97913d1%2F14845218969672717723&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404867&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hattehp7e13b9wv10613tfevqehnw6cr2nea2at4jvb6v840kr71y5rznfr4e8ay95v8yzenvsyxyxv0552zjea3kmqwakp82pc572cx5s9wap18w80pdjmeggvetpkc65e4ms8d8pnze69sfmv5m5yg9yb3yqh3eahtv9zsq108tvqcs36erx0t8002j1ej2b4p74b7ah5zwtd9fg432e57tkpamppg1gs2w4ge61aq5pysbr8wvrpdr9fx14zdgcg058x65yzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQOn3cyb3YoeOKMWl3gO5t5-ID5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_QTiRcG5aWCmZeLTn5reNp6JJhP1k5a3JG50PAEM0Xu1qY4HQi4wdGmxx3k3mBPFGg8JamTb5MZA8bT4MMcVSRkg5qOPDsumsyuXj8056-wwaKK40cPjlmh_6czoHS99m1U3tHpMz_wy7MI2iogwG_1pehzVVc-9q0XKGYi5AGcLiRKWPDRTpzO9aFM6s09Mokn4jKyNsZG36WXDlalPRIIhzhtrpq9zvJIG0Gwklc2xz5HxOrLq1WCuccT-ewZ4AG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1qbMbNjdSXGAnlmCmoE15LKyMHHQ%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=YhDYkw==, md5=0dFx3WUVIvQaL8DbolalRg==
date
Sat, 13 Aug 2022 04:20:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213185
cf-polished
origFmt=png, origSize=233620
x-guploader-uploadid
ADPycdvEdS7tdqXrB66tbRBp4qcaCGsSnD6kZ3-q8U0ta13iVvhJGvhGHtPODrCVFWljZoGf_8nvDL9rXMkV26VwREZaEg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
130164
last-modified
Tue, 29 Mar 2022 07:10:51 GMT
server
cloudflare
etag
"d1d171dd651522f41a2fc0dba256a546"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mwUPx5iFxun20XWUW083zicf2upRbqqSlSBV76YGWVgrc4GAQVK%2BCtXkt%2FFJrGRtNQI8H96JAhbempI0qJlmla609rM9awjAoYCcJ7B1tV7ZTKf8fGc%2BK6mNXHp4S30%2F3zcZUrt3mSV7BSZi"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1648537851916987
content-type
image/webp
expires
Sun, 14 Aug 2022 04:20:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
233620
accept-ranges
bytes
cf-ray
739ea7fb4f7706b2-LHR
cf-bgj
imgq:85,h2pri
1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 4CC1 		461 KB
462 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=300&d=250&e=&g=10ac22f0e48509716f7db06ec97913d1%2F14845218969672717723&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404867&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hattehp7e13b9wv10613tfevqehnw6cr2nea2at4jvb6v840kr71y5rznfr4e8ay95v8yzenvsyxyxv0552zjea3kmqwakp82pc572cx5s9wap18w80pdjmeggvetpkc65e4ms8d8pnze69sfmv5m5yg9yb3yqh3eahtv9zsq108tvqcs36erx0t8002j1ej2b4p74b7ah5zwtd9fg432e57tkpamppg1gs2w4ge61aq5pysbr8wvrpdr9fx14zdgcg058x65yzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQOn3cyb3YoeOKMWl3gO5t5-ID5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_QTiRcG5aWCmZeLTn5reNp6JJhP1k5a3JG50PAEM0Xu1qY4HQi4wdGmxx3k3mBPFGg8JamTb5MZA8bT4MMcVSRkg5qOPDsumsyuXj8056-wwaKK40cPjlmh_6czoHS99m1U3tHpMz_wy7MI2iogwG_1pehzVVc-9q0XKGYi5AGcLiRKWPDRTpzO9aFM6s09Mokn4jKyNsZG36WXDlalPRIIhzhtrpq9zvJIG0Gwklc2xz5HxOrLq1WCuccT-ewZ4AG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1qbMbNjdSXGAnlmCmoE15LKyMHHQ%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=uxNdng==, md5=G2kngkPBB99bERhrH2ylhQ==
date
Sat, 13 Aug 2022 04:20:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
211191
cf-polished
origFmt=png, origSize=731561
x-guploader-uploadid
ADPycdvd3fmsiDkijL-R9XkNbNEPey9oZ-PhDGIswuP350iV-keaL8ihjuj2WAk-lGGOX7pxH35LatLT1LUhZ1Tz3vGUrQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
471752
last-modified
Tue, 29 Mar 2022 07:03:31 GMT
server
cloudflare
etag
"1b69278243c107df5b11186b1f6ca585"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WhJtQWZ7AegsdCNjYiqUwjgruNYxM8nv9ssxFWwhL1nHsGExUeHZUhHondeZwO9Pv2QgJgWFt65%2FMk4K7aICQysJqnlcdFjs1tGcPt1IXyKkIE0tw7PL2gurO1WcWKVmB1CmCWYeIPtniAtT"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1648537411511396
content-type
image/webp
expires
Sun, 14 Aug 2022 04:20:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
731561
accept-ranges
bytes
cf-ray
739ea7fb5f8906b2-LHR
cf-bgj
imgq:85,h2pri
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 4CC1 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=300&d=250&e=&g=10ac22f0e48509716f7db06ec97913d1%2F14845218969672717723&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404867&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hattehp7e13b9wv10613tfevqehnw6cr2nea2at4jvb6v840kr71y5rznfr4e8ay95v8yzenvsyxyxv0552zjea3kmqwakp82pc572cx5s9wap18w80pdjmeggvetpkc65e4ms8d8pnze69sfmv5m5yg9yb3yqh3eahtv9zsq108tvqcs36erx0t8002j1ej2b4p74b7ah5zwtd9fg432e57tkpamppg1gs2w4ge61aq5pysbr8wvrpdr9fx14zdgcg058x65yzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQOn3cyb3YoeOKMWl3gO5t5-ID5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_QTiRcG5aWCmZeLTn5reNp6JJhP1k5a3JG50PAEM0Xu1qY4HQi4wdGmxx3k3mBPFGg8JamTb5MZA8bT4MMcVSRkg5qOPDsumsyuXj8056-wwaKK40cPjlmh_6czoHS99m1U3tHpMz_wy7MI2iogwG_1pehzVVc-9q0XKGYi5AGcLiRKWPDRTpzO9aFM6s09Mokn4jKyNsZG36WXDlalPRIIhzhtrpq9zvJIG0Gwklc2xz5HxOrLq1WCuccT-ewZ4AG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1qbMbNjdSXGAnlmCmoE15LKyMHHQ%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date
Sat, 13 Aug 2022 04:20:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
217423
cf-polished
origFmt=png, origSize=35453
x-guploader-uploadid
ADPycdtNS_YhH_FG7MvPbQtcANb4zCjdnsZc5ugXGZC_nTgP6AKG6ekfEWgYIQXVPH_KFLHf5ZD_BvGsVeuyP4MQj7z_lYFZ9KyA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18872
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D49PjcxxQm7xvKCCX4AqWm3FP9psKPqATIFmkoZcnxuMj5RsVR0K0LYLbRl7lA4ztw7LiliskBW9dqv%2BrllqxQyYvv9Cs6qo7AL3w7zEn97bukI9%2BelFyDQM4D3puYzvWnSzm2oQJIp8XDfp"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589805029334103
content-type
image/webp
expires
Sun, 14 Aug 2022 04:20:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
35453
accept-ranges
bytes
cf-ray
739ea7fb5f8a06b2-LHR
cf-bgj
imgq:85,h2pri
285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
assets.ad4m.at/product_image/ Frame 4CC1 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=300&d=250&e=&g=10ac22f0e48509716f7db06ec97913d1%2F14845218969672717723&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404867&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hattehp7e13b9wv10613tfevqehnw6cr2nea2at4jvb6v840kr71y5rznfr4e8ay95v8yzenvsyxyxv0552zjea3kmqwakp82pc572cx5s9wap18w80pdjmeggvetpkc65e4ms8d8pnze69sfmv5m5yg9yb3yqh3eahtv9zsq108tvqcs36erx0t8002j1ej2b4p74b7ah5zwtd9fg432e57tkpamppg1gs2w4ge61aq5pysbr8wvrpdr9fx14zdgcg058x65yzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQOn3cyb3YoeOKMWl3gO5t5-ID5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_QTiRcG5aWCmZeLTn5reNp6JJhP1k5a3JG50PAEM0Xu1qY4HQi4wdGmxx3k3mBPFGg8JamTb5MZA8bT4MMcVSRkg5qOPDsumsyuXj8056-wwaKK40cPjlmh_6czoHS99m1U3tHpMz_wy7MI2iogwG_1pehzVVc-9q0XKGYi5AGcLiRKWPDRTpzO9aFM6s09Mokn4jKyNsZG36WXDlalPRIIhzhtrpq9zvJIG0Gwklc2xz5HxOrLq1WCuccT-ewZ4AG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1qbMbNjdSXGAnlmCmoE15LKyMHHQ%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=FPfkEg==, md5=cNeMaybSTgOMvyODLhu1OA==
date
Sat, 13 Aug 2022 04:20:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
205346
cf-polished
qual=85, origFmt=jpeg, origSize=83479
x-guploader-uploadid
ADPycdu-4yJabXCVvw2TBo45LiBhqqbpSDHL36jYSwpIR9vOGq-XSBAfM1ZW7ZRuMpuIRlYmnmUpa6V2g-7Oyxn3e0fgTA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9260
last-modified
Mon, 29 Nov 2021 15:03:15 GMT
server
cloudflare
etag
"70d78c6b26d24e038cbf23832e1bb538"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ey%2FNWJhKLJ2OZ7B2S%2Fkq0%2FGQ5WRR9WKAb7%2BXEYGYM5t4UCngUhg1vehQmhK9Ot46XOTGwDMT6sxt3fv04xCokDt89KUs%2Bi%2BCLYjqSv%2BUdIB1c8JvQA%2BOEEq%2BEEO4Tnr92A5Xb%2Be6A0ziSuUD"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1638198195167024
content-type
image/webp
expires
Sun, 14 Aug 2022 04:20:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
83479
accept-ranges
bytes
cf-ray
739ea7fb6fa606b2-LHR
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 4CC1 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=300&d=250&e=&g=10ac22f0e48509716f7db06ec97913d1%2F14845218969672717723&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404867&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hattehp7e13b9wv10613tfevqehnw6cr2nea2at4jvb6v840kr71y5rznfr4e8ay95v8yzenvsyxyxv0552zjea3kmqwakp82pc572cx5s9wap18w80pdjmeggvetpkc65e4ms8d8pnze69sfmv5m5yg9yb3yqh3eahtv9zsq108tvqcs36erx0t8002j1ej2b4p74b7ah5zwtd9fg432e57tkpamppg1gs2w4ge61aq5pysbr8wvrpdr9fx14zdgcg058x65yzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQOn3cyb3YoeOKMWl3gO5t5-ID5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_QTiRcG5aWCmZeLTn5reNp6JJhP1k5a3JG50PAEM0Xu1qY4HQi4wdGmxx3k3mBPFGg8JamTb5MZA8bT4MMcVSRkg5qOPDsumsyuXj8056-wwaKK40cPjlmh_6czoHS99m1U3tHpMz_wy7MI2iogwG_1pehzVVc-9q0XKGYi5AGcLiRKWPDRTpzO9aFM6s09Mokn4jKyNsZG36WXDlalPRIIhzhtrpq9zvJIG0Gwklc2xz5HxOrLq1WCuccT-ewZ4AG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1qbMbNjdSXGAnlmCmoE15LKyMHHQ%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.132.42 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-132-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 04:20:05 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 4CC1 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=300&d=250&e=&g=10ac22f0e48509716f7db06ec97913d1%2F14845218969672717723&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404867&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hattehp7e13b9wv10613tfevqehnw6cr2nea2at4jvb6v840kr71y5rznfr4e8ay95v8yzenvsyxyxv0552zjea3kmqwakp82pc572cx5s9wap18w80pdjmeggvetpkc65e4ms8d8pnze69sfmv5m5yg9yb3yqh3eahtv9zsq108tvqcs36erx0t8002j1ej2b4p74b7ah5zwtd9fg432e57tkpamppg1gs2w4ge61aq5pysbr8wvrpdr9fx14zdgcg058x65yzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQOn3cyb3YoeOKMWl3gO5t5-ID5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_QTiRcG5aWCmZeLTn5reNp6JJhP1k5a3JG50PAEM0Xu1qY4HQi4wdGmxx3k3mBPFGg8JamTb5MZA8bT4MMcVSRkg5qOPDsumsyuXj8056-wwaKK40cPjlmh_6czoHS99m1U3tHpMz_wy7MI2iogwG_1pehzVVc-9q0XKGYi5AGcLiRKWPDRTpzO9aFM6s09Mokn4jKyNsZG36WXDlalPRIIhzhtrpq9zvJIG0Gwklc2xz5HxOrLq1WCuccT-ewZ4AG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1qbMbNjdSXGAnlmCmoE15LKyMHHQ%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date
Sat, 13 Aug 2022 04:20:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213112
cf-polished
qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid
ADPycdsr9_U0v_7hxMzwTdQp7qNGCTNQzSgQbc946E2xUrxIlDwddZtjJdUo_1vY2tDRmYP9b3IP_sHQptVXcqw4BNbW-enLK7P8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12110
last-modified
Thu, 25 Jun 2020 11:29:58 GMT
server
cloudflare
etag
"ede1d9155590baa798351884fc949bd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TmtRCMNNKf6D1oLqR7I7dcfP4qQfKXXe2%2BcSdklwV%2B%2BgLzvm6ezyidWQ955YK5yru8ASPjEYC8F3uxaSEuAZszapQVZkaY%2BDNKC6AGrSmGYNTstyklaXgvFgh%2FTuRFAXEtBXIfF6lMZxTgQS"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1593084598972955
content-type
image/webp
expires
Sun, 14 Aug 2022 04:20:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
42488
accept-ranges
bytes
cf-ray
739ea7fb6fa806b2-LHR
cf-bgj
imgq:85,h2pri
1BBE26EDBCDBCA83F6FC5982E78609DD993CBC5A877E96B16262445B5D5F827FF241EDC353E519B59B7B45AAB552B2BD1049C4DF410A0448B841F76C0CCED257
assets.ad4m.at/product_image/ Frame 4CC1 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1BBE26EDBCDBCA83F6FC5982E78609DD993CBC5A877E96B16262445B5D5F827FF241EDC353E519B59B7B45AAB552B2BD1049C4DF410A0448B841F76C0CCED257
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=300&d=250&e=&g=10ac22f0e48509716f7db06ec97913d1%2F14845218969672717723&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404867&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hattehp7e13b9wv10613tfevqehnw6cr2nea2at4jvb6v840kr71y5rznfr4e8ay95v8yzenvsyxyxv0552zjea3kmqwakp82pc572cx5s9wap18w80pdjmeggvetpkc65e4ms8d8pnze69sfmv5m5yg9yb3yqh3eahtv9zsq108tvqcs36erx0t8002j1ej2b4p74b7ah5zwtd9fg432e57tkpamppg1gs2w4ge61aq5pysbr8wvrpdr9fx14zdgcg058x65yzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQOn3cyb3YoeOKMWl3gO5t5-ID5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_QTiRcG5aWCmZeLTn5reNp6JJhP1k5a3JG50PAEM0Xu1qY4HQi4wdGmxx3k3mBPFGg8JamTb5MZA8bT4MMcVSRkg5qOPDsumsyuXj8056-wwaKK40cPjlmh_6czoHS99m1U3tHpMz_wy7MI2iogwG_1pehzVVc-9q0XKGYi5AGcLiRKWPDRTpzO9aFM6s09Mokn4jKyNsZG36WXDlalPRIIhzhtrpq9zvJIG0Gwklc2xz5HxOrLq1WCuccT-ewZ4AG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1qbMbNjdSXGAnlmCmoE15LKyMHHQ%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75a001bec4bdf424466cdc150b0aac769554195c5bf3105cd369a9861aa7103

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=4e5XkA==, md5=IApgItXE/tw7TfHLo2DKwQ==
date
Sat, 13 Aug 2022 04:20:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
205325
cf-polished
origFmt=png, origSize=68898
x-guploader-uploadid
ADPycdsbe0Nr7PJ7TXssmE8RjxZ7_vq6rzCnKIu9b0OUaGMRTjovol2_5zZqQNPQUQIzMHyJr-HzG3BwnlEXBziFIWzoMLnINa9H
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42816
last-modified
Wed, 09 Feb 2022 14:47:59 GMT
server
cloudflare
etag
"200a6022d5c4fedc3b4df1cba360cac1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nxN7Z0CLLMIiJG19LPp7yiFLnHRAfF9ewtUr706yYmnvyIRqTMHfbf9FGiK%2B0GtGH6CBGcJdFsbcfq2sxjWuDSDkhkYlveJ%2BCcFYbxL2SutoW1WcSOLxAKNAmYE1J2rBAVY1LkyQ9mWEChQK"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1644418079055001
content-type
image/webp
expires
Sun, 14 Aug 2022 04:20:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
68898
accept-ranges
bytes
cf-ray
739ea7fb6fa906b2-LHR
cf-bgj
imgq:85,h2pri
default.css
as.ad4m.at/ad/style/0.1.21/one-ad/ Frame 182A 		84 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C195017%2C13833&b=7QZTqfzfje9btrHXHgtAtVVef4S1Tr9ZuM%2C2beH6fqfjA7xtVHWHkt8txx5FxS7T7G4fg%2C7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuM&f=EjeTDfEfEJYpFzHAHjt6C441HKSVTZAGT7%2C4rehEf5fAQEZcGH9HdtzCmm7abSpTr6XuK%2CEjeTDfEfAJktzHAHjt6CQXYuKSVTZAGT7&c=300&d=250&e=&g=3841f6ec95593366f0edee51625e194f%2F15806231829833210206&i=20774%2C20773%2C17743&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404869&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjxd6rk5nrdbkvkrq7ct1kjnqj5qxzgwx4e90xcgpktfwk8k0xc70sj7ks85z4e5we3r9248sf42g0kgt2w8cnn2anb1y4b3xvj4y5z050cbzazt0rcxcgr4gpbeayjbz86vvk74rt16pxxj2xxknamz8htj2673z63hfea6c1n068szgrbhz5tccfzqdqj4eb3h6y8qs8tt3a5fv064ckb3evr9wbtdjtgxnzktnabvd9twmgjfpvx9sneksh2fpd9qbyjej6ha%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC--lucyb3YuusKJfa3gOWjKXwCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_Qg3M8FIXIe-jBAZ4ZF_RLz-9WOyAW49Y5SOn3PJZkc9HY21I_NYuZuKvn7NmCVskR8svChSfCNNxdy_cdyUr2IbWXLwSz6z2kGZsDOV-GUfMFgucz9VIk-gwHfAF0Osy0OKgH-Gd7Aeo7r0IZSAQhFaHLB3ArDpE0j5eHKYK6QzBDO42YwUovtbqHFTCosGeLSsvFkPznvybSutwRelD4PHhkIQeiNLuR0ZRev9cin1BCgjf1qR7tRL4xWmhjCoAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_24rAaB-J2xV0z1gSFz4aVDzT7r0Q%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=197101%2C195017%2C13833&b=7QZTqfzfje9btrHXHgtAtVVef4S1Tr9ZuM%2C2beH6fqfjA7xtVHWHkt8txx5FxS7T7G4fg%2C7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuM&f=EjeTDfEfEJYpFzHAHjt6C441HKSVTZAGT7%2C4rehEf5fAQEZcGH9HdtzCmm7abSpTr6XuK%2CEjeTDfEfAJktzHAHjt6CQXYuKSVTZAGT7&c=300&d=250&e=&g=3841f6ec95593366f0edee51625e194f%2F15806231829833210206&i=20774%2C20773%2C17743&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404869&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjxd6rk5nrdbkvkrq7ct1kjnqj5qxzgwx4e90xcgpktfwk8k0xc70sj7ks85z4e5we3r9248sf42g0kgt2w8cnn2anb1y4b3xvj4y5z050cbzazt0rcxcgr4gpbeayjbz86vvk74rt16pxxj2xxknamz8htj2673z63hfea6c1n068szgrbhz5tccfzqdqj4eb3h6y8qs8tt3a5fv064ckb3evr9wbtdjtgxnzktnabvd9twmgjfpvx9sneksh2fpd9qbyjej6ha%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC--lucyb3YuusKJfa3gOWjKXwCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_Qg3M8FIXIe-jBAZ4ZF_RLz-9WOyAW49Y5SOn3PJZkc9HY21I_NYuZuKvn7NmCVskR8svChSfCNNxdy_cdyUr2IbWXLwSz6z2kGZsDOV-GUfMFgucz9VIk-gwHfAF0Osy0OKgH-Gd7Aeo7r0IZSAQhFaHLB3ArDpE0j5eHKYK6QzBDO42YwUovtbqHFTCosGeLSsvFkPznvybSutwRelD4PHhkIQeiNLuR0ZRev9cin1BCgjf1qR7tRL4xWmhjCoAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_24rAaB-J2xV0z1gSFz4aVDzT7r0Q%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:05 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
667339
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86749
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Fri, 05 Aug 2022 10:57:46 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
739ea7fb4e814071-LHR
cf-bgj
minify
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 182A 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C195017%2C13833&b=7QZTqfzfje9btrHXHgtAtVVef4S1Tr9ZuM%2C2beH6fqfjA7xtVHWHkt8txx5FxS7T7G4fg%2C7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuM&f=EjeTDfEfEJYpFzHAHjt6C441HKSVTZAGT7%2C4rehEf5fAQEZcGH9HdtzCmm7abSpTr6XuK%2CEjeTDfEfAJktzHAHjt6CQXYuKSVTZAGT7&c=300&d=250&e=&g=3841f6ec95593366f0edee51625e194f%2F15806231829833210206&i=20774%2C20773%2C17743&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404869&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjxd6rk5nrdbkvkrq7ct1kjnqj5qxzgwx4e90xcgpktfwk8k0xc70sj7ks85z4e5we3r9248sf42g0kgt2w8cnn2anb1y4b3xvj4y5z050cbzazt0rcxcgr4gpbeayjbz86vvk74rt16pxxj2xxknamz8htj2673z63hfea6c1n068szgrbhz5tccfzqdqj4eb3h6y8qs8tt3a5fv064ckb3evr9wbtdjtgxnzktnabvd9twmgjfpvx9sneksh2fpd9qbyjej6ha%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC--lucyb3YuusKJfa3gOWjKXwCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_Qg3M8FIXIe-jBAZ4ZF_RLz-9WOyAW49Y5SOn3PJZkc9HY21I_NYuZuKvn7NmCVskR8svChSfCNNxdy_cdyUr2IbWXLwSz6z2kGZsDOV-GUfMFgucz9VIk-gwHfAF0Osy0OKgH-Gd7Aeo7r0IZSAQhFaHLB3ArDpE0j5eHKYK6QzBDO42YwUovtbqHFTCosGeLSsvFkPznvybSutwRelD4PHhkIQeiNLuR0ZRev9cin1BCgjf1qR7tRL4xWmhjCoAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_24rAaB-J2xV0z1gSFz4aVDzT7r0Q%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Sat, 13 Aug 2022 04:20:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
214693
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycdvcDtljEDX6kA7HPOHqpLeFGp6S1r4Nnsx8utN5ySJZlxmM2XW0VWIa-VbjlWzDt2uwTXbo0GjIsDrpuGfWtUqUng
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XT%2FqG0vktMlbnmNf0wCMsOLeMMhnGFtZYnG3hAKPDdyXsJbM31dflJiUdAYRsAmPdKOfIEaghWC60vTILt5GQ6fHWGNzz1yMAsQOooMh4nZDc%2Ffvvfq5q4TV%2BwLtg0achd2o8Se9H0sXeI%2FZ"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Sun, 14 Aug 2022 04:20:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
739ea7fb4f7c06b2-LHR
cf-bgj
imgq:85,h2pri
B8ACDAD155C680FBAFB702C65A62FDEEFBFF3A6ECB6DCE31F2642AF182F40AEBB54C2D1C48140DCBA00FC5CB1EA3E738F1E502525345FB436953C95540B721B8
assets.ad4m.at/product_image/ Frame 182A 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B8ACDAD155C680FBAFB702C65A62FDEEFBFF3A6ECB6DCE31F2642AF182F40AEBB54C2D1C48140DCBA00FC5CB1EA3E738F1E502525345FB436953C95540B721B8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C195017%2C13833&b=7QZTqfzfje9btrHXHgtAtVVef4S1Tr9ZuM%2C2beH6fqfjA7xtVHWHkt8txx5FxS7T7G4fg%2C7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuM&f=EjeTDfEfEJYpFzHAHjt6C441HKSVTZAGT7%2C4rehEf5fAQEZcGH9HdtzCmm7abSpTr6XuK%2CEjeTDfEfAJktzHAHjt6CQXYuKSVTZAGT7&c=300&d=250&e=&g=3841f6ec95593366f0edee51625e194f%2F15806231829833210206&i=20774%2C20773%2C17743&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404869&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjxd6rk5nrdbkvkrq7ct1kjnqj5qxzgwx4e90xcgpktfwk8k0xc70sj7ks85z4e5we3r9248sf42g0kgt2w8cnn2anb1y4b3xvj4y5z050cbzazt0rcxcgr4gpbeayjbz86vvk74rt16pxxj2xxknamz8htj2673z63hfea6c1n068szgrbhz5tccfzqdqj4eb3h6y8qs8tt3a5fv064ckb3evr9wbtdjtgxnzktnabvd9twmgjfpvx9sneksh2fpd9qbyjej6ha%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC--lucyb3YuusKJfa3gOWjKXwCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_Qg3M8FIXIe-jBAZ4ZF_RLz-9WOyAW49Y5SOn3PJZkc9HY21I_NYuZuKvn7NmCVskR8svChSfCNNxdy_cdyUr2IbWXLwSz6z2kGZsDOV-GUfMFgucz9VIk-gwHfAF0Osy0OKgH-Gd7Aeo7r0IZSAQhFaHLB3ArDpE0j5eHKYK6QzBDO42YwUovtbqHFTCosGeLSsvFkPznvybSutwRelD4PHhkIQeiNLuR0ZRev9cin1BCgjf1qR7tRL4xWmhjCoAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_24rAaB-J2xV0z1gSFz4aVDzT7r0Q%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09809bd2b2151041eb336b4faf503af032d1519d8bcc80b80b869fc8c9db884d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=pMQIDQ==, md5=FohYvEJVmsG3rLZM0v/ePg==
date
Sat, 13 Aug 2022 04:20:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
218372
cf-polished
qual=85, origFmt=jpeg, origSize=63356
x-guploader-uploadid
ADPycdsK7FP0PuY7P_ENkujBimwf25MD9bCiecA-6m7Q-lCY7ShiHZyyfZXpL2EzQqSMRLCk2lTkwSG12QrpDtdZFUHhN6OyY0Gq
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19116
last-modified
Wed, 01 Jun 2022 13:52:57 GMT
server
cloudflare
etag
"168858bc42559ac1b7acb64cd2ffde3e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Htf%2FTk1x73rU59Goz%2F7tpaZLO0oQVr5%2Fc7wBXHPmfEYswRoI1f5AjS0dVWelhSJXHflmtIoK9pBjIgwUfYl0MqwA%2F085gf7v4smqCEf8ZRJ%2Fv4Mc%2FJVVOpsiIabUopEKOeOJzbqsd3J9dsKl"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1654091577338275
content-type
image/webp
expires
Sun, 14 Aug 2022 04:20:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
63356
accept-ranges
bytes
cf-ray
739ea7fb6faa06b2-LHR
cf-bgj
imgq:85,h2pri
/
partner.o2online.de/a/ Frame 182A
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022081306200574561538369X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=202...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022081306200574561538369X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2022081306200574561538369X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C195017%2C13833&b=7QZTqfzfje9btrHXHgtAtVVef4S1Tr9ZuM%2C2beH6fqfjA7xtVHWHkt8txx5FxS7T7G4fg%2C7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuM&f=EjeTDfEfEJYpFzHAHjt6C441HKSVTZAGT7%2C4rehEf5fAQEZcGH9HdtzCmm7abSpTr6XuK%2CEjeTDfEfAJktzHAHjt6CQXYuKSVTZAGT7&c=300&d=250&e=&g=3841f6ec95593366f0edee51625e194f%2F15806231829833210206&i=20774%2C20773%2C17743&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404869&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjxd6rk5nrdbkvkrq7ct1kjnqj5qxzgwx4e90xcgpktfwk8k0xc70sj7ks85z4e5we3r9248sf42g0kgt2w8cnn2anb1y4b3xvj4y5z050cbzazt0rcxcgr4gpbeayjbz86vvk74rt16pxxj2xxknamz8htj2673z63hfea6c1n068szgrbhz5tccfzqdqj4eb3h6y8qs8tt3a5fv064ckb3evr9wbtdjtgxnzktnabvd9twmgjfpvx9sneksh2fpd9qbyjej6ha%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC--lucyb3YuusKJfa3gOWjKXwCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_Qg3M8FIXIe-jBAZ4ZF_RLz-9WOyAW49Y5SOn3PJZkc9HY21I_NYuZuKvn7NmCVskR8svChSfCNNxdy_cdyUr2IbWXLwSz6z2kGZsDOV-GUfMFgucz9VIk-gwHfAF0Osy0OKgH-Gd7Aeo7r0IZSAQhFaHLB3ArDpE0j5eHKYK6QzBDO42YwUovtbqHFTCosGeLSsvFkPznvybSutwRelD4PHhkIQeiNLuR0ZRev9cin1BCgjf1qR7tRL4xWmhjCoAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_24rAaB-J2xV0z1gSFz4aVDzT7r0Q%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads2.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 04:20:05 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022081306200574561538369X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2022081306200574561538369X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703
date
Sat, 13 Aug 2022 04:20:05 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 182A 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C195017%2C13833&b=7QZTqfzfje9btrHXHgtAtVVef4S1Tr9ZuM%2C2beH6fqfjA7xtVHWHkt8txx5FxS7T7G4fg%2C7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuM&f=EjeTDfEfEJYpFzHAHjt6C441HKSVTZAGT7%2C4rehEf5fAQEZcGH9HdtzCmm7abSpTr6XuK%2CEjeTDfEfAJktzHAHjt6CQXYuKSVTZAGT7&c=300&d=250&e=&g=3841f6ec95593366f0edee51625e194f%2F15806231829833210206&i=20774%2C20773%2C17743&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404869&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjxd6rk5nrdbkvkrq7ct1kjnqj5qxzgwx4e90xcgpktfwk8k0xc70sj7ks85z4e5we3r9248sf42g0kgt2w8cnn2anb1y4b3xvj4y5z050cbzazt0rcxcgr4gpbeayjbz86vvk74rt16pxxj2xxknamz8htj2673z63hfea6c1n068szgrbhz5tccfzqdqj4eb3h6y8qs8tt3a5fv064ckb3evr9wbtdjtgxnzktnabvd9twmgjfpvx9sneksh2fpd9qbyjej6ha%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC--lucyb3YuusKJfa3gOWjKXwCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_Qg3M8FIXIe-jBAZ4ZF_RLz-9WOyAW49Y5SOn3PJZkc9HY21I_NYuZuKvn7NmCVskR8svChSfCNNxdy_cdyUr2IbWXLwSz6z2kGZsDOV-GUfMFgucz9VIk-gwHfAF0Osy0OKgH-Gd7Aeo7r0IZSAQhFaHLB3ArDpE0j5eHKYK6QzBDO42YwUovtbqHFTCosGeLSsvFkPznvybSutwRelD4PHhkIQeiNLuR0ZRev9cin1BCgjf1qR7tRL4xWmhjCoAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_24rAaB-J2xV0z1gSFz4aVDzT7r0Q%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Sat, 13 Aug 2022 04:20:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
214680
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ADPycdsdDHgZFdYu0krp8kOhroi3ZqyuyG_CdgYYEUJTRYBh9y0pas9E_P9JKoR-GEwb6VSRQKZfZCMmEIxxxgsqEuUs_A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJh2QZjU5nxbQJWSOPjedxL1wWfJd%2FJ7XbOkJepSLNIILHzI8uChzbl7fh4nCPyUdWobBZ6%2FkPym2TSwCiW2M0T4Hp8UJfooxmZKMdG3wXuC9PGRkQXEcAeHaG1SRKjtB6RgduM%2FMtH0WauP"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Sun, 14 Aug 2022 04:20:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
739ea7fb6fab06b2-LHR
cf-bgj
imgq:85,h2pri
E9D375C72282EE56D8DA5AD27266D69B7BFE40E40C948577C3783C3219F98DD01F9931DC8CCF9B67D3492B05912CD4E83AC0FF6D46D2312F3BB13A1DCC095909
assets.ad4m.at/product_image/ Frame 182A 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/E9D375C72282EE56D8DA5AD27266D69B7BFE40E40C948577C3783C3219F98DD01F9931DC8CCF9B67D3492B05912CD4E83AC0FF6D46D2312F3BB13A1DCC095909
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C195017%2C13833&b=7QZTqfzfje9btrHXHgtAtVVef4S1Tr9ZuM%2C2beH6fqfjA7xtVHWHkt8txx5FxS7T7G4fg%2C7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuM&f=EjeTDfEfEJYpFzHAHjt6C441HKSVTZAGT7%2C4rehEf5fAQEZcGH9HdtzCmm7abSpTr6XuK%2CEjeTDfEfAJktzHAHjt6CQXYuKSVTZAGT7&c=300&d=250&e=&g=3841f6ec95593366f0edee51625e194f%2F15806231829833210206&i=20774%2C20773%2C17743&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404869&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjxd6rk5nrdbkvkrq7ct1kjnqj5qxzgwx4e90xcgpktfwk8k0xc70sj7ks85z4e5we3r9248sf42g0kgt2w8cnn2anb1y4b3xvj4y5z050cbzazt0rcxcgr4gpbeayjbz86vvk74rt16pxxj2xxknamz8htj2673z63hfea6c1n068szgrbhz5tccfzqdqj4eb3h6y8qs8tt3a5fv064ckb3evr9wbtdjtgxnzktnabvd9twmgjfpvx9sneksh2fpd9qbyjej6ha%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC--lucyb3YuusKJfa3gOWjKXwCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_Qg3M8FIXIe-jBAZ4ZF_RLz-9WOyAW49Y5SOn3PJZkc9HY21I_NYuZuKvn7NmCVskR8svChSfCNNxdy_cdyUr2IbWXLwSz6z2kGZsDOV-GUfMFgucz9VIk-gwHfAF0Osy0OKgH-Gd7Aeo7r0IZSAQhFaHLB3ArDpE0j5eHKYK6QzBDO42YwUovtbqHFTCosGeLSsvFkPznvybSutwRelD4PHhkIQeiNLuR0ZRev9cin1BCgjf1qR7tRL4xWmhjCoAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_24rAaB-J2xV0z1gSFz4aVDzT7r0Q%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f52afbdc9b50ea83386ec3f01d5b7f960c612515f6904541b370334f8d9676c0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=nPMlyw==, md5=0DdIJsLaJnR826MREQj1hA==
date
Sat, 13 Aug 2022 04:20:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
212679
cf-polished
qual=85, origFmt=jpeg, origSize=63020
x-guploader-uploadid
ADPycdtmUx9hohZO3_hcoNamJCicIwTpOfiQ49JistzO4R7EfAXM9wAO6Tm5Tugy1LOk1WNu1yN_UfcBuMZMWAHTt5lU3Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17696
last-modified
Tue, 07 Jun 2022 13:12:55 GMT
server
cloudflare
etag
"d0374826c2da26747cdba3111108f584"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCX1QYsUJ6widyKMkpHx0xNibfjaKE1qBv85s7q6Ls9XdDb%2BldIq%2FaLIKjCVtYdCqdyQL5g05AT2RoJCZEs4fcDjuVIMxtNRuZDBW77S0u8BOlidBNgYW5SZ76fI8qsu0fhMibvN0bs2glN0"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1654607575745875
content-type
image/webp
expires
Sun, 14 Aug 2022 04:20:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
63020
accept-ranges
bytes
cf-ray
739ea7fb6fac06b2-LHR
cf-bgj
imgq:85,h2pri
/
partner.blau.de/a/ Frame 182A
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=mm_SUBIDTEST_view
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=mm_SUBIDTEST_view
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022081306200574561538371X117663V1225131106MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022081306200574561538371X117663V1225131106MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C195017%2C13833&b=7QZTqfzfje9btrHXHgtAtVVef4S1Tr9ZuM%2C2beH6fqfjA7xtVHWHkt8txx5FxS7T7G4fg%2C7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuM&f=EjeTDfEfEJYpFzHAHjt6C441HKSVTZAGT7%2C4rehEf5fAQEZcGH9HdtzCmm7abSpTr6XuK%2CEjeTDfEfAJktzHAHjt6CQXYuKSVTZAGT7&c=300&d=250&e=&g=3841f6ec95593366f0edee51625e194f%2F15806231829833210206&i=20774%2C20773%2C17743&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404869&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjxd6rk5nrdbkvkrq7ct1kjnqj5qxzgwx4e90xcgpktfwk8k0xc70sj7ks85z4e5we3r9248sf42g0kgt2w8cnn2anb1y4b3xvj4y5z050cbzazt0rcxcgr4gpbeayjbz86vvk74rt16pxxj2xxknamz8htj2673z63hfea6c1n068szgrbhz5tccfzqdqj4eb3h6y8qs8tt3a5fv064ckb3evr9wbtdjtgxnzktnabvd9twmgjfpvx9sneksh2fpd9qbyjej6ha%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC--lucyb3YuusKJfa3gOWjKXwCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_Qg3M8FIXIe-jBAZ4ZF_RLz-9WOyAW49Y5SOn3PJZkc9HY21I_NYuZuKvn7NmCVskR8svChSfCNNxdy_cdyUr2IbWXLwSz6z2kGZsDOV-GUfMFgucz9VIk-gwHfAF0Osy0OKgH-Gd7Aeo7r0IZSAQhFaHLB3ArDpE0j5eHKYK6QzBDO42YwUovtbqHFTCosGeLSsvFkPznvybSutwRelD4PHhkIQeiNLuR0ZRev9cin1BCgjf1qR7tRL4xWmhjCoAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_24rAaB-J2xV0z1gSFz4aVDzT7r0Q%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads1.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 04:20:05 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022081306200574561538371X117663V1225131106MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
date
Sat, 13 Aug 2022 04:20:05 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
A9E9F13CD34C6176561B2A3A1512DA8C7C70105FEF038B1211F596B09F01FC7E333FBAD31F58F67BB7B118D699ACB8676EBCAAAC9719A61B310A69D3174D07E9
assets.ad4m.at/logo/ Frame 182A 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A9E9F13CD34C6176561B2A3A1512DA8C7C70105FEF038B1211F596B09F01FC7E333FBAD31F58F67BB7B118D699ACB8676EBCAAAC9719A61B310A69D3174D07E9
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C195017%2C13833&b=7QZTqfzfje9btrHXHgtAtVVef4S1Tr9ZuM%2C2beH6fqfjA7xtVHWHkt8txx5FxS7T7G4fg%2C7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuM&f=EjeTDfEfEJYpFzHAHjt6C441HKSVTZAGT7%2C4rehEf5fAQEZcGH9HdtzCmm7abSpTr6XuK%2CEjeTDfEfAJktzHAHjt6CQXYuKSVTZAGT7&c=300&d=250&e=&g=3841f6ec95593366f0edee51625e194f%2F15806231829833210206&i=20774%2C20773%2C17743&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404869&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjxd6rk5nrdbkvkrq7ct1kjnqj5qxzgwx4e90xcgpktfwk8k0xc70sj7ks85z4e5we3r9248sf42g0kgt2w8cnn2anb1y4b3xvj4y5z050cbzazt0rcxcgr4gpbeayjbz86vvk74rt16pxxj2xxknamz8htj2673z63hfea6c1n068szgrbhz5tccfzqdqj4eb3h6y8qs8tt3a5fv064ckb3evr9wbtdjtgxnzktnabvd9twmgjfpvx9sneksh2fpd9qbyjej6ha%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC--lucyb3YuusKJfa3gOWjKXwCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_Qg3M8FIXIe-jBAZ4ZF_RLz-9WOyAW49Y5SOn3PJZkc9HY21I_NYuZuKvn7NmCVskR8svChSfCNNxdy_cdyUr2IbWXLwSz6z2kGZsDOV-GUfMFgucz9VIk-gwHfAF0Osy0OKgH-Gd7Aeo7r0IZSAQhFaHLB3ArDpE0j5eHKYK6QzBDO42YwUovtbqHFTCosGeLSsvFkPznvybSutwRelD4PHhkIQeiNLuR0ZRev9cin1BCgjf1qR7tRL4xWmhjCoAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_24rAaB-J2xV0z1gSFz4aVDzT7r0Q%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0614b9e015b9a646c5bb4099edb68390666b12c572a6b4712681be7d4bb9bfe4

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=To/Z0A==, md5=KhBt45iUESpR/gNmK/6mLw==
date
Sat, 13 Aug 2022 04:20:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
217620
cf-polished
origFmt=png, origSize=42492
x-guploader-uploadid
ADPycdvZ1NqHFcZT6uIphDrOmUQovmYDoYo5UnzT940gKXTEpc5QDH7d-OfK6CZPCv_CVcl7RCqAgkEtYz5k_P5e4L7QPQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20462
last-modified
Wed, 22 Jan 2020 13:07:53 GMT
server
cloudflare
etag
"2a106de39894112a51fe03662bfea62f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fb6Z%2F8pUXmAxGrt0BXfAQe%2BGYJeWXM5dZzlcGLqBVliz3CH49R7lr1nB%2BmVoc8NIWAPQVgnBxtteDAXsTqYWlt3Ud0Aum%2BaHEuj1eTjyyFTqdWiZ7ZS272Lzoj3IGrqN%2FuU9BoxUDtIotQNi"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698473273442
content-type
image/webp
expires
Sun, 14 Aug 2022 04:20:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
42492
accept-ranges
bytes
cf-ray
739ea7fb6fad06b2-LHR
cf-bgj
imgq:85,h2pri
7EAC6CF7EF6B64BB10610B54E5B6965DAEF1C036945F4235B33B17D07F7DFB9F26C3931CF6B5CFE42C5E728E6808B9AEC192FCA63F8A7B192DC57E243E417A46
assets.ad4m.at/ Frame 182A 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/7EAC6CF7EF6B64BB10610B54E5B6965DAEF1C036945F4235B33B17D07F7DFB9F26C3931CF6B5CFE42C5E728E6808B9AEC192FCA63F8A7B192DC57E243E417A46
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C195017%2C13833&b=7QZTqfzfje9btrHXHgtAtVVef4S1Tr9ZuM%2C2beH6fqfjA7xtVHWHkt8txx5FxS7T7G4fg%2C7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuM&f=EjeTDfEfEJYpFzHAHjt6C441HKSVTZAGT7%2C4rehEf5fAQEZcGH9HdtzCmm7abSpTr6XuK%2CEjeTDfEfAJktzHAHjt6CQXYuKSVTZAGT7&c=300&d=250&e=&g=3841f6ec95593366f0edee51625e194f%2F15806231829833210206&i=20774%2C20773%2C17743&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404869&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjxd6rk5nrdbkvkrq7ct1kjnqj5qxzgwx4e90xcgpktfwk8k0xc70sj7ks85z4e5we3r9248sf42g0kgt2w8cnn2anb1y4b3xvj4y5z050cbzazt0rcxcgr4gpbeayjbz86vvk74rt16pxxj2xxknamz8htj2673z63hfea6c1n068szgrbhz5tccfzqdqj4eb3h6y8qs8tt3a5fv064ckb3evr9wbtdjtgxnzktnabvd9twmgjfpvx9sneksh2fpd9qbyjej6ha%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC--lucyb3YuusKJfa3gOWjKXwCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_Qg3M8FIXIe-jBAZ4ZF_RLz-9WOyAW49Y5SOn3PJZkc9HY21I_NYuZuKvn7NmCVskR8svChSfCNNxdy_cdyUr2IbWXLwSz6z2kGZsDOV-GUfMFgucz9VIk-gwHfAF0Osy0OKgH-Gd7Aeo7r0IZSAQhFaHLB3ArDpE0j5eHKYK6QzBDO42YwUovtbqHFTCosGeLSsvFkPznvybSutwRelD4PHhkIQeiNLuR0ZRev9cin1BCgjf1qR7tRL4xWmhjCoAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_24rAaB-J2xV0z1gSFz4aVDzT7r0Q%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3539d3eee69eebe924850b7e253e0d255b519d795d58cbdc2409faed2a59112

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=qNATdQ==, md5=rtrnh66lL12Rx8tGiazR5g==
date
Sat, 13 Aug 2022 04:20:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
287484
cf-polished
qual=85, origFmt=jpeg, origSize=136044
x-guploader-uploadid
ADPycdsXr1kPzQjDsk3LQG25WkAad2vCnBcfo4-_aSS17HGTJ8TcNN7moOEPolKzXeVq2Mtx0pGKmH0fL3gf83DHdOL2IQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
41838
last-modified
Fri, 04 Oct 2019 10:13:18 GMT
server
cloudflare
etag
"aedae787aea52f5d91c7cb4689acd1e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJMH7lx%2FVYO8Qu88J2k92%2BW7Q0nAO3yCYmVa2DDFjj%2B%2BgzMEpD35Y21ZRj%2BGzb49JQywSdcoKr4IOebNFHAzDG9qjdYxr0Teob2hMtFhymYFOjptgmVWfhsvAKRq9AwLWqVZRJnQQm%2BvK2zF"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570183998426851
content-type
image/webp
expires
Sun, 14 Aug 2022 04:20:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
136044
accept-ranges
bytes
cf-ray
739ea7fb6fae06b2-LHR
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 182A 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2578359&v=11671&q=344795&r=412871&pv=1&pref3=oneid7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuMoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C195017%2C13833&b=7QZTqfzfje9btrHXHgtAtVVef4S1Tr9ZuM%2C2beH6fqfjA7xtVHWHkt8txx5FxS7T7G4fg%2C7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuM&f=EjeTDfEfEJYpFzHAHjt6C441HKSVTZAGT7%2C4rehEf5fAQEZcGH9HdtzCmm7abSpTr6XuK%2CEjeTDfEfAJktzHAHjt6CQXYuKSVTZAGT7&c=300&d=250&e=&g=3841f6ec95593366f0edee51625e194f%2F15806231829833210206&i=20774%2C20773%2C17743&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404869&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjxd6rk5nrdbkvkrq7ct1kjnqj5qxzgwx4e90xcgpktfwk8k0xc70sj7ks85z4e5we3r9248sf42g0kgt2w8cnn2anb1y4b3xvj4y5z050cbzazt0rcxcgr4gpbeayjbz86vvk74rt16pxxj2xxknamz8htj2673z63hfea6c1n068szgrbhz5tccfzqdqj4eb3h6y8qs8tt3a5fv064ckb3evr9wbtdjtgxnzktnabvd9twmgjfpvx9sneksh2fpd9qbyjej6ha%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC--lucyb3YuusKJfa3gOWjKXwCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_Qg3M8FIXIe-jBAZ4ZF_RLz-9WOyAW49Y5SOn3PJZkc9HY21I_NYuZuKvn7NmCVskR8svChSfCNNxdy_cdyUr2IbWXLwSz6z2kGZsDOV-GUfMFgucz9VIk-gwHfAF0Osy0OKgH-Gd7Aeo7r0IZSAQhFaHLB3ArDpE0j5eHKYK6QzBDO42YwUovtbqHFTCosGeLSsvFkPznvybSutwRelD4PHhkIQeiNLuR0ZRev9cin1BCgjf1qR7tRL4xWmhjCoAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_24rAaB-J2xV0z1gSFz4aVDzT7r0Q%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.132.42 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-132-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 04:20:05 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
default.css
as.ad4m.at/ad/style/0.1.21/one-ad/ Frame E740 		84 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C19840%2C186460&b=ZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ%2CVx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQ%2Cq4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3&f=9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td%2Cm3AsefGfARbfmHZHZtQC6rQtKSwTX8AfA%2CRx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7&c=300&d=250&e=&g=8a46b0260311765c2d3f8ed8a8ffb886%2F13858795519741038375&i=22427%2C22610%2C25174&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsm9zp1468xmt3jyt7dk4v5wpzwqhgk10bsjns8nfydcp42angsrtsq5sf2abvg4cxb9wbrzseqbnhr31vq644w9vhpbm32sev9nmnh7r6brd7vq8vjagb881nbh97jvr702jxpw71m9a5j2dr6ab835jt9xn98e5a0e3ekahvxdajwvpsf1h2nq74s0e2attk3s68a2epw1kbantf2f8vj327s5wp14x8575f3062fj31qygszk5mcx52rrky5n75v8q4ma617p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCf3Qbcyb3YuuLKLmRjuwPqPOgoAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0EM3be5GUjP9xQ9Ki-PCmDYnC2ZCOTVUyRPas_4yW1fCkNGPHkIKCHbAB_7DaylTzI4C6rcuaSJcOwbosEOh-q-2M4adb4hiG3Jn9qt4sw1-syoTKZZYWSww5lX_B215Gug0dy2TfZvcmew5ztVIBZbAzyy_htkmZ5cxfAIRmQVM8vw33EZZnDVOVqZ3n9Kqt8OtA972oWbHc4RI7CshZLUhj_UCbjoMnTyujdsJLIeOlB8lKpZAgx285f_UtBuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2yC8hlCK2Gw1c_U3NfGrq9aYoymA%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=56666%2C19840%2C186460&b=ZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ%2CVx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQ%2Cq4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3&f=9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td%2Cm3AsefGfARbfmHZHZtQC6rQtKSwTX8AfA%2CRx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7&c=300&d=250&e=&g=8a46b0260311765c2d3f8ed8a8ffb886%2F13858795519741038375&i=22427%2C22610%2C25174&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsm9zp1468xmt3jyt7dk4v5wpzwqhgk10bsjns8nfydcp42angsrtsq5sf2abvg4cxb9wbrzseqbnhr31vq644w9vhpbm32sev9nmnh7r6brd7vq8vjagb881nbh97jvr702jxpw71m9a5j2dr6ab835jt9xn98e5a0e3ekahvxdajwvpsf1h2nq74s0e2attk3s68a2epw1kbantf2f8vj327s5wp14x8575f3062fj31qygszk5mcx52rrky5n75v8q4ma617p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCf3Qbcyb3YuuLKLmRjuwPqPOgoAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0EM3be5GUjP9xQ9Ki-PCmDYnC2ZCOTVUyRPas_4yW1fCkNGPHkIKCHbAB_7DaylTzI4C6rcuaSJcOwbosEOh-q-2M4adb4hiG3Jn9qt4sw1-syoTKZZYWSww5lX_B215Gug0dy2TfZvcmew5ztVIBZbAzyy_htkmZ5cxfAIRmQVM8vw33EZZnDVOVqZ3n9Kqt8OtA972oWbHc4RI7CshZLUhj_UCbjoMnTyujdsJLIeOlB8lKpZAgx285f_UtBuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2yC8hlCK2Gw1c_U3NfGrq9aYoymA%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:05 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
667339
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86749
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Fri, 05 Aug 2022 10:57:46 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
739ea7fb5e8d4071-LHR
cf-bgj
minify
DE7723A3AFDAF019578E8DC48EFCA5260074D3BD31078DAB30E39934BDB537A7756DE8A298EFEBC96FD918DCFB3DF6E8EFF3AA5A7830C15D1026723FEFAFAC4A
assets.ad4m.at/logo/ Frame E740 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DE7723A3AFDAF019578E8DC48EFCA5260074D3BD31078DAB30E39934BDB537A7756DE8A298EFEBC96FD918DCFB3DF6E8EFF3AA5A7830C15D1026723FEFAFAC4A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C19840%2C186460&b=ZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ%2CVx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQ%2Cq4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3&f=9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td%2Cm3AsefGfARbfmHZHZtQC6rQtKSwTX8AfA%2CRx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7&c=300&d=250&e=&g=8a46b0260311765c2d3f8ed8a8ffb886%2F13858795519741038375&i=22427%2C22610%2C25174&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsm9zp1468xmt3jyt7dk4v5wpzwqhgk10bsjns8nfydcp42angsrtsq5sf2abvg4cxb9wbrzseqbnhr31vq644w9vhpbm32sev9nmnh7r6brd7vq8vjagb881nbh97jvr702jxpw71m9a5j2dr6ab835jt9xn98e5a0e3ekahvxdajwvpsf1h2nq74s0e2attk3s68a2epw1kbantf2f8vj327s5wp14x8575f3062fj31qygszk5mcx52rrky5n75v8q4ma617p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCf3Qbcyb3YuuLKLmRjuwPqPOgoAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0EM3be5GUjP9xQ9Ki-PCmDYnC2ZCOTVUyRPas_4yW1fCkNGPHkIKCHbAB_7DaylTzI4C6rcuaSJcOwbosEOh-q-2M4adb4hiG3Jn9qt4sw1-syoTKZZYWSww5lX_B215Gug0dy2TfZvcmew5ztVIBZbAzyy_htkmZ5cxfAIRmQVM8vw33EZZnDVOVqZ3n9Kqt8OtA972oWbHc4RI7CshZLUhj_UCbjoMnTyujdsJLIeOlB8lKpZAgx285f_UtBuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2yC8hlCK2Gw1c_U3NfGrq9aYoymA%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb99807d9c2d9b98d417acd2a3e897a28cc0829d4815642cb9bd1ab640b98454

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=PRHAtQ==, md5=UfPUXNWo6kuI6N0malNepA==
date
Sat, 13 Aug 2022 04:20:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
214835
cf-polished
origFmt=png, origSize=74333
x-guploader-uploadid
ADPycdtsUSdABaTJPwf-vxXr6McKe5W-Fg_9zf4F_-xKggfraHXbR3ckDO4x5UVpYueLdvcdarSXBymMzsyV5tsNkwoFFOmXCOr_
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47320
last-modified
Mon, 11 May 2020 10:44:44 GMT
server
cloudflare
etag
"51f3d45cd5a8ea4b88e8dd266a535ea4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKnKZkz3z1OnwLnpkOF8lMaq96wejuzv2hlbsWLJg2HODtxPeYfXnqkzofj0uU7LwY%2FrpIcTfk4X4NMt%2B2kggF09I4fCB1WiX83U4mm1waeqHrvGv9SQcAEO8%2BfXI7y7NXmyJjWvNc6sdPLW"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589193884048730
content-type
image/webp
expires
Sun, 14 Aug 2022 04:20:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
74333
accept-ranges
bytes
cf-ray
739ea7fb6faf06b2-LHR
cf-bgj
imgq:85,h2pri
E158872B571029E3E20F7B79790588A099EC8F077F856868794A4EA52ED013FC9129FAD340A51F8CD7B6A46733F8D275D86DF117AF4AF8DD766F13FB8A4CAA9A
assets.ad4m.at/product_image/ Frame E740 		290 KB
291 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/E158872B571029E3E20F7B79790588A099EC8F077F856868794A4EA52ED013FC9129FAD340A51F8CD7B6A46733F8D275D86DF117AF4AF8DD766F13FB8A4CAA9A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C19840%2C186460&b=ZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ%2CVx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQ%2Cq4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3&f=9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td%2Cm3AsefGfARbfmHZHZtQC6rQtKSwTX8AfA%2CRx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7&c=300&d=250&e=&g=8a46b0260311765c2d3f8ed8a8ffb886%2F13858795519741038375&i=22427%2C22610%2C25174&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsm9zp1468xmt3jyt7dk4v5wpzwqhgk10bsjns8nfydcp42angsrtsq5sf2abvg4cxb9wbrzseqbnhr31vq644w9vhpbm32sev9nmnh7r6brd7vq8vjagb881nbh97jvr702jxpw71m9a5j2dr6ab835jt9xn98e5a0e3ekahvxdajwvpsf1h2nq74s0e2attk3s68a2epw1kbantf2f8vj327s5wp14x8575f3062fj31qygszk5mcx52rrky5n75v8q4ma617p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCf3Qbcyb3YuuLKLmRjuwPqPOgoAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0EM3be5GUjP9xQ9Ki-PCmDYnC2ZCOTVUyRPas_4yW1fCkNGPHkIKCHbAB_7DaylTzI4C6rcuaSJcOwbosEOh-q-2M4adb4hiG3Jn9qt4sw1-syoTKZZYWSww5lX_B215Gug0dy2TfZvcmew5ztVIBZbAzyy_htkmZ5cxfAIRmQVM8vw33EZZnDVOVqZ3n9Kqt8OtA972oWbHc4RI7CshZLUhj_UCbjoMnTyujdsJLIeOlB8lKpZAgx285f_UtBuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2yC8hlCK2Gw1c_U3NfGrq9aYoymA%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46b98a3787c3de05a63a522c71300ef713f78660098ae524fda5e19bb8567a83

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=PFtpQA==, md5=489woOXoZ5LkJrzz2r1hBQ==
date
Sat, 13 Aug 2022 04:20:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204617
cf-polished
origFmt=png, origSize=489686
x-guploader-uploadid
ADPycdsr7ruqARZv4VseMQBCSDRTzqkfruG3DvqyXys1J_E0ZeYZB4xNgVpxDMpgzH2LCgkcircAcac_XfoFTC69THFQIQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
296674
last-modified
Tue, 17 Nov 2020 11:24:27 GMT
server
cloudflare
etag
"e3cf70a0e5e86792e426bcf3dabd6105"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rZkkVMF494yy2cVhDXT0IqxDeutXsC2gE0RijvLOiZDpJOIC6GKr0z%2BRvezfsjyJxMix%2FeGb9nKJzsJxWmdcDg4kkViePz6lCaS63YRiI8ROrun3yPimoqfLK7DLYGGNIfvsExJKIuoD9Rc"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1605612267020757
content-type
image/webp
expires
Sun, 14 Aug 2022 04:20:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
489686
accept-ranges
bytes
cf-ray
739ea7fb6fb006b2-LHR
cf-bgj
imgq:85,h2pri
0FFB463DB03CB009793080C1B53C23C9FD5377E1899EF35E72791D21CA62D52A222D662E2077C819E6DE8402D02F3C83CF5355E92DFA2B41CAD20448D14D8FA3
assets.ad4m.at/logo/ Frame E740 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/0FFB463DB03CB009793080C1B53C23C9FD5377E1899EF35E72791D21CA62D52A222D662E2077C819E6DE8402D02F3C83CF5355E92DFA2B41CAD20448D14D8FA3
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C19840%2C186460&b=ZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ%2CVx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQ%2Cq4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3&f=9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td%2Cm3AsefGfARbfmHZHZtQC6rQtKSwTX8AfA%2CRx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7&c=300&d=250&e=&g=8a46b0260311765c2d3f8ed8a8ffb886%2F13858795519741038375&i=22427%2C22610%2C25174&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsm9zp1468xmt3jyt7dk4v5wpzwqhgk10bsjns8nfydcp42angsrtsq5sf2abvg4cxb9wbrzseqbnhr31vq644w9vhpbm32sev9nmnh7r6brd7vq8vjagb881nbh97jvr702jxpw71m9a5j2dr6ab835jt9xn98e5a0e3ekahvxdajwvpsf1h2nq74s0e2attk3s68a2epw1kbantf2f8vj327s5wp14x8575f3062fj31qygszk5mcx52rrky5n75v8q4ma617p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCf3Qbcyb3YuuLKLmRjuwPqPOgoAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0EM3be5GUjP9xQ9Ki-PCmDYnC2ZCOTVUyRPas_4yW1fCkNGPHkIKCHbAB_7DaylTzI4C6rcuaSJcOwbosEOh-q-2M4adb4hiG3Jn9qt4sw1-syoTKZZYWSww5lX_B215Gug0dy2TfZvcmew5ztVIBZbAzyy_htkmZ5cxfAIRmQVM8vw33EZZnDVOVqZ3n9Kqt8OtA972oWbHc4RI7CshZLUhj_UCbjoMnTyujdsJLIeOlB8lKpZAgx285f_UtBuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2yC8hlCK2Gw1c_U3NfGrq9aYoymA%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e82ac1ec5acf59251e8560b62ba41630b890325a9ecfc16f17418c16ae9871d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=9d2TPw==, md5=dJ6WjsjqfJ/3ZPC1taKVoA==
date
Sat, 13 Aug 2022 04:20:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
212620
cf-polished
origFmt=png, origSize=10674
x-guploader-uploadid
ADPycduRq6m6BuW3UTYs58dN09k8illuDHCT-18lrCoMq-7GW4Or2DSdvoflGrtImRhNh8bTjBOP2nRuQyrtDGDATRn6-A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2900
last-modified
Fri, 24 Jun 2022 09:18:05 GMT
server
cloudflare
etag
"749e968ec8ea7c9ff764f0b5b5a295a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddAJ%2Fpe9Nb7Gt6B3qWka%2FzLuoAZ6ZyYn8yjdsxRafbWzKWHCnTUOJtjX5K3wzkagVnlyfkFikZOqSWuIf6RhtpdSP7DfzLsQnxnWKcPUymqdkU02nkXB5lSzOLyVhWP6BE9OF5PKlvyAhOdn"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1656062285382134
content-type
image/webp
expires
Sun, 14 Aug 2022 04:20:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
10674
accept-ranges
bytes
cf-ray
739ea7fb6fb106b2-LHR
cf-bgj
imgq:85,h2pri
50A0391ED1E82638BD388F91DB7A2617B584090578A365720D8AF5FD1BDF22035CB111A0506980F2E608C60A08D698A0A8D1AC530659B7A2489C546E1B8D6D1B
assets.ad4m.at/ Frame E740 		168 KB
169 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/50A0391ED1E82638BD388F91DB7A2617B584090578A365720D8AF5FD1BDF22035CB111A0506980F2E608C60A08D698A0A8D1AC530659B7A2489C546E1B8D6D1B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C19840%2C186460&b=ZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ%2CVx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQ%2Cq4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3&f=9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td%2Cm3AsefGfARbfmHZHZtQC6rQtKSwTX8AfA%2CRx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7&c=300&d=250&e=&g=8a46b0260311765c2d3f8ed8a8ffb886%2F13858795519741038375&i=22427%2C22610%2C25174&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsm9zp1468xmt3jyt7dk4v5wpzwqhgk10bsjns8nfydcp42angsrtsq5sf2abvg4cxb9wbrzseqbnhr31vq644w9vhpbm32sev9nmnh7r6brd7vq8vjagb881nbh97jvr702jxpw71m9a5j2dr6ab835jt9xn98e5a0e3ekahvxdajwvpsf1h2nq74s0e2attk3s68a2epw1kbantf2f8vj327s5wp14x8575f3062fj31qygszk5mcx52rrky5n75v8q4ma617p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCf3Qbcyb3YuuLKLmRjuwPqPOgoAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0EM3be5GUjP9xQ9Ki-PCmDYnC2ZCOTVUyRPas_4yW1fCkNGPHkIKCHbAB_7DaylTzI4C6rcuaSJcOwbosEOh-q-2M4adb4hiG3Jn9qt4sw1-syoTKZZYWSww5lX_B215Gug0dy2TfZvcmew5ztVIBZbAzyy_htkmZ5cxfAIRmQVM8vw33EZZnDVOVqZ3n9Kqt8OtA972oWbHc4RI7CshZLUhj_UCbjoMnTyujdsJLIeOlB8lKpZAgx285f_UtBuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2yC8hlCK2Gw1c_U3NfGrq9aYoymA%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de09365c5a1290ab8b69797e3d02ef5b995c4bc684706e75ab72a8fe27e1c2ca

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=ikV0dg==, md5=61TYOk3zVTme6ZtZn4wz2A==
date
Sat, 13 Aug 2022 04:20:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
205472
cf-polished
origFmt=png, origSize=313263
x-guploader-uploadid
ADPycdsWAA0Of9VpM-Ew0VnUJWJ7QeaW1WMLMH_Lve9sxBBJccfYJnpJpIdOYrxQw0mmUnksTQ2bBiL2ps4J90t3zf2R3Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
171986
last-modified
Wed, 12 Feb 2020 11:15:33 GMT
server
cloudflare
etag
"eb54d83a4df355399ee99b599f8c33d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73g43zolAT4kr63EcsTEd8%2FAcaDXGKcbJzo9A0MCwF457nLmE5S%2FcYgHpmT0fYAS1m%2FUyR1Jhaxm6VOXWbcedRETLUcUks3WV1idmmfTZYzcS0DJfePgd40dfMTkEGiIhWGLseC0ivmBWpem"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1581506133398882
content-type
image/webp
expires
Sun, 14 Aug 2022 04:20:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
313263
accept-ranges
bytes
cf-ray
739ea7fb6fb206b2-LHR
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame E740 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2463630&v=17927&q=371115&r=412871&pv=1&pref3=oneidVx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C19840%2C186460&b=ZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ%2CVx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQ%2Cq4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3&f=9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td%2Cm3AsefGfARbfmHZHZtQC6rQtKSwTX8AfA%2CRx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7&c=300&d=250&e=&g=8a46b0260311765c2d3f8ed8a8ffb886%2F13858795519741038375&i=22427%2C22610%2C25174&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsm9zp1468xmt3jyt7dk4v5wpzwqhgk10bsjns8nfydcp42angsrtsq5sf2abvg4cxb9wbrzseqbnhr31vq644w9vhpbm32sev9nmnh7r6brd7vq8vjagb881nbh97jvr702jxpw71m9a5j2dr6ab835jt9xn98e5a0e3ekahvxdajwvpsf1h2nq74s0e2attk3s68a2epw1kbantf2f8vj327s5wp14x8575f3062fj31qygszk5mcx52rrky5n75v8q4ma617p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCf3Qbcyb3YuuLKLmRjuwPqPOgoAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0EM3be5GUjP9xQ9Ki-PCmDYnC2ZCOTVUyRPas_4yW1fCkNGPHkIKCHbAB_7DaylTzI4C6rcuaSJcOwbosEOh-q-2M4adb4hiG3Jn9qt4sw1-syoTKZZYWSww5lX_B215Gug0dy2TfZvcmew5ztVIBZbAzyy_htkmZ5cxfAIRmQVM8vw33EZZnDVOVqZ3n9Kqt8OtA972oWbHc4RI7CshZLUhj_UCbjoMnTyujdsJLIeOlB8lKpZAgx285f_UtBuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2yC8hlCK2Gw1c_U3NfGrq9aYoymA%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.132.42 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-132-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 04:20:05 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame E740 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C19840%2C186460&b=ZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ%2CVx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQ%2Cq4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3&f=9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td%2Cm3AsefGfARbfmHZHZtQC6rQtKSwTX8AfA%2CRx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7&c=300&d=250&e=&g=8a46b0260311765c2d3f8ed8a8ffb886%2F13858795519741038375&i=22427%2C22610%2C25174&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsm9zp1468xmt3jyt7dk4v5wpzwqhgk10bsjns8nfydcp42angsrtsq5sf2abvg4cxb9wbrzseqbnhr31vq644w9vhpbm32sev9nmnh7r6brd7vq8vjagb881nbh97jvr702jxpw71m9a5j2dr6ab835jt9xn98e5a0e3ekahvxdajwvpsf1h2nq74s0e2attk3s68a2epw1kbantf2f8vj327s5wp14x8575f3062fj31qygszk5mcx52rrky5n75v8q4ma617p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCf3Qbcyb3YuuLKLmRjuwPqPOgoAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0EM3be5GUjP9xQ9Ki-PCmDYnC2ZCOTVUyRPas_4yW1fCkNGPHkIKCHbAB_7DaylTzI4C6rcuaSJcOwbosEOh-q-2M4adb4hiG3Jn9qt4sw1-syoTKZZYWSww5lX_B215Gug0dy2TfZvcmew5ztVIBZbAzyy_htkmZ5cxfAIRmQVM8vw33EZZnDVOVqZ3n9Kqt8OtA972oWbHc4RI7CshZLUhj_UCbjoMnTyujdsJLIeOlB8lKpZAgx285f_UtBuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2yC8hlCK2Gw1c_U3NfGrq9aYoymA%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date
Sat, 13 Aug 2022 04:20:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
215766
cf-polished
qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid
ADPycdu8ecfitr_yC8Vq7bSQJQ5rMLC9TNiyKV4cEMWEa9qSNB5RFNPCAdTzbH_0yagA4w2q4YiTHr56zWw3AxJXN_kRRe_T8nSq
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8354
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=814bDqHVFKJ%2BQruNsJmqUYIQrykqPa62%2FYxuAOEYFt3sJfNUEUpe0k%2FPfopD1PiOdjmHWKURhXylLBZmfXykbCd%2BQc2V5%2BsJPcBOKJfHNsOexaRjEq3ZhgH5RbH9NK4LvpvJ%2FS%2BUj2s8WHKK"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698787150900
content-type
image/webp
expires
Sun, 14 Aug 2022 04:20:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
16723
accept-ranges
bytes
cf-ray
739ea7fb6fb306b2-LHR
cf-bgj
imgq:85,h2pri
AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
assets.ad4m.at/product_image/ Frame E740 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C19840%2C186460&b=ZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ%2CVx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQ%2Cq4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3&f=9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td%2Cm3AsefGfARbfmHZHZtQC6rQtKSwTX8AfA%2CRx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7&c=300&d=250&e=&g=8a46b0260311765c2d3f8ed8a8ffb886%2F13858795519741038375&i=22427%2C22610%2C25174&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsm9zp1468xmt3jyt7dk4v5wpzwqhgk10bsjns8nfydcp42angsrtsq5sf2abvg4cxb9wbrzseqbnhr31vq644w9vhpbm32sev9nmnh7r6brd7vq8vjagb881nbh97jvr702jxpw71m9a5j2dr6ab835jt9xn98e5a0e3ekahvxdajwvpsf1h2nq74s0e2attk3s68a2epw1kbantf2f8vj327s5wp14x8575f3062fj31qygszk5mcx52rrky5n75v8q4ma617p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCf3Qbcyb3YuuLKLmRjuwPqPOgoAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0EM3be5GUjP9xQ9Ki-PCmDYnC2ZCOTVUyRPas_4yW1fCkNGPHkIKCHbAB_7DaylTzI4C6rcuaSJcOwbosEOh-q-2M4adb4hiG3Jn9qt4sw1-syoTKZZYWSww5lX_B215Gug0dy2TfZvcmew5ztVIBZbAzyy_htkmZ5cxfAIRmQVM8vw33EZZnDVOVqZ3n9Kqt8OtA972oWbHc4RI7CshZLUhj_UCbjoMnTyujdsJLIeOlB8lKpZAgx285f_UtBuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2yC8hlCK2Gw1c_U3NfGrq9aYoymA%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=kgeS2g==, md5=b93XIEsKCkA/WEJIvaEtcg==
date
Sat, 13 Aug 2022 04:20:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213453
cf-polished
origFmt=png, origSize=155400
x-guploader-uploadid
ADPycdvmInsI6JrXgLkuHiQZKJF7JT8Miag1-2DB3pnfuAmIHLsAGJn8-hsr-H8b6IjhHuJDRxmn6s33LXh6ymZBTBrWaw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
95550
last-modified
Thu, 24 Mar 2022 15:45:36 GMT
server
cloudflare
etag
"6fddd7204b0a0a403f584248bda12d72"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AYi3%2F2YXyFOrJnVYw00slcLW6XHZvbn5rEEM1TO6chuAGesqJmdAiOKtudcRkLLqusfe%2FVKWKwHRVonxtOlbdZMwHg78BZYPT6UkEMbNhwrQEX5%2FVzCjDMHiTdfmIUJzNfsxw3LepRXPtWW"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1648136736276206
content-type
image/webp
expires
Sun, 14 Aug 2022 04:20:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
155400
accept-ranges
bytes
cf-ray
739ea7fb6fb506b2-LHR
cf-bgj
imgq:85,h2pri
/
banner.congstar.de/cookie/ Frame E740
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKjyxLT7wvkCFb39uwgdOK0OrQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1660364405_355593f0-1abf-11ed-94b9-2265b3bf8141
0
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1660364405_355593f0-1abf-11ed-94b9-2265b3bf8141
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C19840%2C186460&b=ZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ%2CVx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQ%2Cq4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3&f=9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td%2Cm3AsefGfARbfmHZHZtQC6rQtKSwTX8AfA%2CRx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7&c=300&d=250&e=&g=8a46b0260311765c2d3f8ed8a8ffb886%2F13858795519741038375&i=22427%2C22610%2C25174&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsm9zp1468xmt3jyt7dk4v5wpzwqhgk10bsjns8nfydcp42angsrtsq5sf2abvg4cxb9wbrzseqbnhr31vq644w9vhpbm32sev9nmnh7r6brd7vq8vjagb881nbh97jvr702jxpw71m9a5j2dr6ab835jt9xn98e5a0e3ekahvxdajwvpsf1h2nq74s0e2attk3s68a2epw1kbantf2f8vj327s5wp14x8575f3062fj31qygszk5mcx52rrky5n75v8q4ma617p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCf3Qbcyb3YuuLKLmRjuwPqPOgoAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0EM3be5GUjP9xQ9Ki-PCmDYnC2ZCOTVUyRPas_4yW1fCkNGPHkIKCHbAB_7DaylTzI4C6rcuaSJcOwbosEOh-q-2M4adb4hiG3Jn9qt4sw1-syoTKZZYWSww5lX_B215Gug0dy2TfZvcmew5ztVIBZbAzyy_htkmZ5cxfAIRmQVM8vw33EZZnDVOVqZ3n9Kqt8OtA972oWbHc4RI7CshZLUhj_UCbjoMnTyujdsJLIeOlB8lKpZAgx285f_UtBuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2yC8hlCK2Gw1c_U3NfGrq9aYoymA%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.77.139.251.148.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 04:20:05 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
0

Redirect headers

Date
Sat, 13 Aug 2022 04:20:05 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1660364405_355593f0-1abf-11ed-94b9-2265b3bf8141
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
link.html
track.webgains.com/ Frame 70ED 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jrp6q3kxwdn2cd0hvvgj3vzjx1nkz0c1q8vzz663wvx7t9mtdgx7ecmqb1h92ka50sdv401tytnk15cw12gw4vb1cz46zwqy8gc81gr9acz5yqwnx9xpaha8qw5vch5pjxmxk82fhxsch7nncgqsk10jph3jj565rjctfz0m5001bvm35pmsbky3rr1gf8qmm5h729yk40kdfg67hc9ft4qb1b3zxyw4311rsmdck58735axt484b25gm78jn5sv300%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kpwq7yddfagscx16xw1d6whj78a52v2eg7kwdgap1ka1xfaptq6sfrhp1x9jr3n97bxrdy7m5vvagtwdgcf42cfvsxrqr440ngkp6x7va83fgk4q0kd9wzab3hjv2h75mpxr4h6q3smsmg0vvnx2p4xmqh402qwpq1f530t5kx0nv90h1cz7me1mrny372p9wz0800n2vcf41zxt3dw468q9mcvd7eg4ca8zfxr2y7x27v1gcw37bdd29ce8x82wbvbtfzxq33t0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCG-k4cyb3Yp29J6OKjuwP9-ebyAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0FOku-TUHK3DX2YEm8-mx9qTmrtiFfWDTG8N_A71oCbsJsAovoiIx6zRQyM43b1-sLAJDh2imEbNKoh9HfH1DanrqD6LD2aSb-m-qhyt33jDDtIFH6LqJc-yTKCdWXFiTT2y5Sgcu5EWx2w7KDSsJ047cia5mHTlvUM8BiHz4zaUqhv-465msZXlyKeYkmZkD90W6Wunx88HQw25EWx38lbjDba2xTz-ZtxHaeCDjsKWSf9H-vpfSptNZd-TXQuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3O-4FTl0vnkTOD2rn2ka0NOVrIVg%252526client%25253Dca-pub-2773044261387404%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=b89ba2509de6b6582d9619804fa2377c%2F17418033345842782979&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404839&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpwq7yddfagscx16xw1d6whj78a52v2eg7kwdgap1ka1xfaptq6sfrhp1x9jr3n97bxrdy7m5vvagtwdgcf42cfvsxrqr440ngkp6x7va83fgk4q0kd9wzab3hjv2h75mpxr4h6q3smsmg0vvnx2p4xmqh402qwpq1f530t5kx0nv90h1cz7me1mrny372p9wz0800n2vcf41zxt3dw468q9mcvd7eg4ca8zfxr2y7x27v1gcw37bdd29ce8x82wbvbtfzxq33t0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCG-k4cyb3Yp29J6OKjuwP9-ebyAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0FOku-TUHK3DX2YEm8-mx9qTmrtiFfWDTG8N_A71oCbsJsAovoiIx6zRQyM43b1-sLAJDh2imEbNKoh9HfH1DanrqD6LD2aSb-m-qhyt33jDDtIFH6LqJc-yTKCdWXFiTT2y5Sgcu5EWx2w7KDSsJ047cia5mHTlvUM8BiHz4zaUqhv-465msZXlyKeYkmZkD90W6Wunx88HQw25EWx38lbjDba2xTz-ZtxHaeCDjsKWSf9H-vpfSptNZd-TXQuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3O-4FTl0vnkTOD2rn2ka0NOVrIVg%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.111.12 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-111-12.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
6e13ce001a26d03b47aa956bddc5578a450e7c3b6dcf57b7c6ce8ac286289c58

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:05 GMT
last-modified
Sat, 13 Aug 2022 04:20:05 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sat, 13 Aug 2022 04:21:05 GMT
link.html
track.webgains.com/ Frame 4CC1 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j4zcw9bpr1asxpk6a512zgrwp6v4hdjxkb7dx7y51d8bxvsf85c5b5f586p4xb7vk4yy0q435n5b6embdz7qzzgb7c4yxwsg6pknb0m84w1m3p7wkx7f553mnm0ehdc7kfyq6h7hvqjw66fx1nhj72tee7gvcscejn1tej91npq9pnj8m9pzzh263fqnf2j6d2m230ver9ac6tdwt3seqqf9dc5gcq1dgts12z8qmtm9xhb0m54emecyvrkxk1gzh8ep%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hattehp7e13b9wv10613tfevqehnw6cr2nea2at4jvb6v840kr71y5rznfr4e8ay95v8yzenvsyxyxv0552zjea3kmqwakp82pc572cx5s9wap18w80pdjmeggvetpkc65e4ms8d8pnze69sfmv5m5yg9yb3yqh3eahtv9zsq108tvqcs36erx0t8002j1ej2b4p74b7ah5zwtd9fg432e57tkpamppg1gs2w4ge61aq5pysbr8wvrpdr9fx14zdgcg058x65yzg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQOn3cyb3YoeOKMWl3gO5t5-ID5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_QTiRcG5aWCmZeLTn5reNp6JJhP1k5a3JG50PAEM0Xu1qY4HQi4wdGmxx3k3mBPFGg8JamTb5MZA8bT4MMcVSRkg5qOPDsumsyuXj8056-wwaKK40cPjlmh_6czoHS99m1U3tHpMz_wy7MI2iogwG_1pehzVVc-9q0XKGYi5AGcLiRKWPDRTpzO9aFM6s09Mokn4jKyNsZG36WXDlalPRIIhzhtrpq9zvJIG0Gwklc2xz5HxOrLq1WCuccT-ewZ4AG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1qbMbNjdSXGAnlmCmoE15LKyMHHQ%252526client%25253Dca-pub-2773044261387404%252526adurl%25253D&clickref=oneidDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFVoneid__dc_reach_suite02wkz&viewref=oneide7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1oneid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=300&d=250&e=&g=10ac22f0e48509716f7db06ec97913d1%2F14845218969672717723&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404867&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hattehp7e13b9wv10613tfevqehnw6cr2nea2at4jvb6v840kr71y5rznfr4e8ay95v8yzenvsyxyxv0552zjea3kmqwakp82pc572cx5s9wap18w80pdjmeggvetpkc65e4ms8d8pnze69sfmv5m5yg9yb3yqh3eahtv9zsq108tvqcs36erx0t8002j1ej2b4p74b7ah5zwtd9fg432e57tkpamppg1gs2w4ge61aq5pysbr8wvrpdr9fx14zdgcg058x65yzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQOn3cyb3YoeOKMWl3gO5t5-ID5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_QTiRcG5aWCmZeLTn5reNp6JJhP1k5a3JG50PAEM0Xu1qY4HQi4wdGmxx3k3mBPFGg8JamTb5MZA8bT4MMcVSRkg5qOPDsumsyuXj8056-wwaKK40cPjlmh_6czoHS99m1U3tHpMz_wy7MI2iogwG_1pehzVVc-9q0XKGYi5AGcLiRKWPDRTpzO9aFM6s09Mokn4jKyNsZG36WXDlalPRIIhzhtrpq9zvJIG0Gwklc2xz5HxOrLq1WCuccT-ewZ4AG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1qbMbNjdSXGAnlmCmoE15LKyMHHQ%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.111.12 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-111-12.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
6c41abf48a8581bcd32e405362a33314a292e3451de22e60d6af81cd05bc5a63

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:05 GMT
last-modified
Sat, 13 Aug 2022 04:20:05 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sat, 13 Aug 2022 04:21:05 GMT
link.html
track.webgains.com/ Frame 4CC1 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3247651&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kjj5f8v32eahwf3f2syzym2qfd0e05z2572tf0yex8fts0zgkv192c44w8b0zv8bew8q0ry3gwv16b5fw5vgqmykeh3m2dm232c2k05dmefvyrp775enkdpxkznbxyy01njr53dzq5127j1apew2kq4s8tfvqvffagkpjhc4n1jtsrdzvkhwgcvdyw90pzrzn5w7k0w7pb1j5jf9yxnqez81z7pf9rhknfkjme7ggbtmafhq1ptgydcbcd3j0xyftqg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hattehp7e13b9wv10613tfevqehnw6cr2nea2at4jvb6v840kr71y5rznfr4e8ay95v8yzenvsyxyxv0552zjea3kmqwakp82pc572cx5s9wap18w80pdjmeggvetpkc65e4ms8d8pnze69sfmv5m5yg9yb3yqh3eahtv9zsq108tvqcs36erx0t8002j1ej2b4p74b7ah5zwtd9fg432e57tkpamppg1gs2w4ge61aq5pysbr8wvrpdr9fx14zdgcg058x65yzg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQOn3cyb3YoeOKMWl3gO5t5-ID5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_QTiRcG5aWCmZeLTn5reNp6JJhP1k5a3JG50PAEM0Xu1qY4HQi4wdGmxx3k3mBPFGg8JamTb5MZA8bT4MMcVSRkg5qOPDsumsyuXj8056-wwaKK40cPjlmh_6czoHS99m1U3tHpMz_wy7MI2iogwG_1pehzVVc-9q0XKGYi5AGcLiRKWPDRTpzO9aFM6s09Mokn4jKyNsZG36WXDlalPRIIhzhtrpq9zvJIG0Gwklc2xz5HxOrLq1WCuccT-ewZ4AG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1qbMbNjdSXGAnlmCmoE15LKyMHHQ%252526client%25253Dca-pub-2773044261387404%252526adurl%25253D&clickref=oneidxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSAoneid__dc_reach_suite02wkz&viewref=oneidjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9oneid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=300&d=250&e=&g=10ac22f0e48509716f7db06ec97913d1%2F14845218969672717723&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404867&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hattehp7e13b9wv10613tfevqehnw6cr2nea2at4jvb6v840kr71y5rznfr4e8ay95v8yzenvsyxyxv0552zjea3kmqwakp82pc572cx5s9wap18w80pdjmeggvetpkc65e4ms8d8pnze69sfmv5m5yg9yb3yqh3eahtv9zsq108tvqcs36erx0t8002j1ej2b4p74b7ah5zwtd9fg432e57tkpamppg1gs2w4ge61aq5pysbr8wvrpdr9fx14zdgcg058x65yzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQOn3cyb3YoeOKMWl3gO5t5-ID5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_QTiRcG5aWCmZeLTn5reNp6JJhP1k5a3JG50PAEM0Xu1qY4HQi4wdGmxx3k3mBPFGg8JamTb5MZA8bT4MMcVSRkg5qOPDsumsyuXj8056-wwaKK40cPjlmh_6czoHS99m1U3tHpMz_wy7MI2iogwG_1pehzVVc-9q0XKGYi5AGcLiRKWPDRTpzO9aFM6s09Mokn4jKyNsZG36WXDlalPRIIhzhtrpq9zvJIG0Gwklc2xz5HxOrLq1WCuccT-ewZ4AG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1qbMbNjdSXGAnlmCmoE15LKyMHHQ%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.111.12 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-111-12.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
5824abe5e6797e9e854bd4a4abd07eba0a486d4f90fedae12a26cbb0bac90800

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:05 GMT
last-modified
Sat, 13 Aug 2022 04:20:05 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sat, 13 Aug 2022 04:21:05 GMT
link.html
track.webgains.com/ Frame E740 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=496305&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kkb6evbe4615ypvw1r1veffe4qn7rb1cxd197w41qkywct8dpyetafvzmd9csk002etz49c6gdptgc322tawb7feh9sby00ywa7yasf5m8dzfaqhg07j483jyay8h1jdkknyqym1f2xjs0h2vpy3m1zr08yrev3e811dccnm0taj15ydmdjdverzvabpw13c10pzbgwfq3c62mfdjsg2n3hf2gbt3wtbpnd4nrjnyq6y4cr30a19dcvq3xa0x41hd80%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsm9zp1468xmt3jyt7dk4v5wpzwqhgk10bsjns8nfydcp42angsrtsq5sf2abvg4cxb9wbrzseqbnhr31vq644w9vhpbm32sev9nmnh7r6brd7vq8vjagb881nbh97jvr702jxpw71m9a5j2dr6ab835jt9xn98e5a0e3ekahvxdajwvpsf1h2nq74s0e2attk3s68a2epw1kbantf2f8vj327s5wp14x8575f3062fj31qygszk5mcx52rrky5n75v8q4ma617p%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCf3Qbcyb3YuuLKLmRjuwPqPOgoAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0EM3be5GUjP9xQ9Ki-PCmDYnC2ZCOTVUyRPas_4yW1fCkNGPHkIKCHbAB_7DaylTzI4C6rcuaSJcOwbosEOh-q-2M4adb4hiG3Jn9qt4sw1-syoTKZZYWSww5lX_B215Gug0dy2TfZvcmew5ztVIBZbAzyy_htkmZ5cxfAIRmQVM8vw33EZZnDVOVqZ3n9Kqt8OtA972oWbHc4RI7CshZLUhj_UCbjoMnTyujdsJLIeOlB8lKpZAgx285f_UtBuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2yC8hlCK2Gw1c_U3NfGrq9aYoymA%252526client%25253Dca-pub-2773044261387404%252526adurl%25253D&clickref=oneid9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Tdoneid__dc_reach_suite02wkz&viewref=oneidZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJoneid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C19840%2C186460&b=ZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ%2CVx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQ%2Cq4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3&f=9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td%2Cm3AsefGfARbfmHZHZtQC6rQtKSwTX8AfA%2CRx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7&c=300&d=250&e=&g=8a46b0260311765c2d3f8ed8a8ffb886%2F13858795519741038375&i=22427%2C22610%2C25174&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsm9zp1468xmt3jyt7dk4v5wpzwqhgk10bsjns8nfydcp42angsrtsq5sf2abvg4cxb9wbrzseqbnhr31vq644w9vhpbm32sev9nmnh7r6brd7vq8vjagb881nbh97jvr702jxpw71m9a5j2dr6ab835jt9xn98e5a0e3ekahvxdajwvpsf1h2nq74s0e2attk3s68a2epw1kbantf2f8vj327s5wp14x8575f3062fj31qygszk5mcx52rrky5n75v8q4ma617p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCf3Qbcyb3YuuLKLmRjuwPqPOgoAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0EM3be5GUjP9xQ9Ki-PCmDYnC2ZCOTVUyRPas_4yW1fCkNGPHkIKCHbAB_7DaylTzI4C6rcuaSJcOwbosEOh-q-2M4adb4hiG3Jn9qt4sw1-syoTKZZYWSww5lX_B215Gug0dy2TfZvcmew5ztVIBZbAzyy_htkmZ5cxfAIRmQVM8vw33EZZnDVOVqZ3n9Kqt8OtA972oWbHc4RI7CshZLUhj_UCbjoMnTyujdsJLIeOlB8lKpZAgx285f_UtBuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2yC8hlCK2Gw1c_U3NfGrq9aYoymA%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.111.12 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-111-12.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
7182d26ebe548a3ba9096276f88d1193dc10f810ce3e84c26d3d8f3ad4aa67be

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:05 GMT
last-modified
Sat, 13 Aug 2022 04:20:05 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sat, 13 Aug 2022 04:21:05 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 07EC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstpixcX2KoKzDJQFh_XVlxFPOCJCm_A5SPUOHvxjCme1jAB0Fuf3HMuvp1DQ7mCjZQgu0d4s-932kZaZjYSaT5ptBI&sig=Cg0ArKJSzEV5PbwxyjWBEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=102,789,1000,1047,1047&tos=102,687,211,47,0&v=20220810&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660364403667&rpt=355&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 457B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ihealth.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
13350
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 00:37:35 GMT
expires
Sun, 13 Aug 2023 00:37:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7E7A 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8d09d5a9582de918088480a85361d934e8c35f13d4449df2d233f80af4977a0a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--5gsjZCd1v3hhIvkx72ZUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ihealth.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce--5gsjZCd1v3hhIvkx72ZUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 04:20:05 GMT
expires
Sat, 13 Aug 2022 04:20:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
all
csm.eu.criteo.net/ Frame 0C1E 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=n-GT8mpVwKlkWLS1V_ONg9UCGeJagIQznJvaSKjWv80EsVNeRcf6IikTGHCmCZBfgA9OTqeg2IZ-zkA5I1chby3_9C3yZIMNi7t1RTpycHKJSjmBO9ZHCa1XmuXxKZsIiOwK1evzuZDi9cG1clo-ampm1hmTMUbakhd8eRnhpuk_uxlHMhD8eWFvZQZgMRwLz3pH-TTl2PCiFpkTNTdge2RXF7AI5UpRqoM2i1p41LNrSxhyFKDth1g6y22vlH7-aw2m8g&sds=2&rev=82415&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvcmcgALZscKd-8XAAZ3bGEnAvB0Hl-FYNPugw&u=%7CBcUvdQ6mcki6glVu19E16Cjw40NNTzvQDAy3360aHgw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRoSRGLELBQED9WGHkdfKXQj5cUqetjeJb7JfhZstsH_b8bS4eiXOAqsmNiJCf8NnL3fJyw467QR4QWjCaVi0RClOP7IdDASgGhU4z8p25gNQN37bLbML3BF7n7P_BFtxGcnxhVpbsmnfizS5C9BdRpXpO_kAKiapPEc7f0rd9mi9nH2dB_qPsQ2x2jV7aUIsTyYqjUioO0LqFFHQyVlAZWBB3sr5fe9ixhX3hkYRMsyaYzttKSAhtjztZSjdo5hJYyVthVGKFTMDkOeBLupnKajjHBdFLdaYUgpC3GeGmhQ_a336ZsnmzY30I2tGunNYZDeeRioGdC6IHd6ah6-XUkooBDO4_WCoaFrhUhmjXnmH3xDDtrCHnZnXAtcb48IfRixYVmWxKbDcOOdwn32WmE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNlyKcib3YsfNLZfe3wPs7pmYB8me0rFcpfyT93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNzczMDQ0MjYxMzg3NDA0oAHVttLqA8gBCakCsYCKU3M2sT6oAwGqBLsBT9DR4qKmWjgI6NzKSQbOSOu4bOwJDqPs6_KxI7Is9g2oXDGTw_UMyg9dRR6T8qHxMtqz4uiEtlEptAC1SlLeOSV66svOthtjWVtDKPhvQFMlB7-0iUPvXbzOI-H7s7FcRpvPeKyvp3sPZig1XoZBZWz0AjJWUhKzbWvc44WgRW83mNsgYZqN2BO0fEVqNrKBrPAVEnVMTbxQo0YPIUiO9yOTHzM-_f_niBGP_H6fckTUDgGKOUookWBQXYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Bekwl7L1fAAtQgN0fM6e825zZEA%26client%3Dca-pub-2773044261387404%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 13 Aug 2022 04:20:04 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js
pagead2.googlesyndication.com/bg/ Frame 457B 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a690357c8d157ad2a9f188ecdad238c37efbd7508124554e8b7ddf2986cb0188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 06:49:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
77458
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13955
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Aug 2023 06:49:07 GMT
pvClk.min.js
analytics.webgains.io/ Frame E740 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=496305&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kkb6evbe4615ypvw1r1veffe4qn7rb1cxd197w41qkywct8dpyetafvzmd9csk002etz49c6gdptgc322tawb7feh9sby00ywa7yasf5m8dzfaqhg07j483jyay8h1jdkknyqym1f2xjs0h2vpy3m1zr08yrev3e811dccnm0taj15ydmdjdverzvabpw13c10pzbgwfq3c62mfdjsg2n3hf2gbt3wtbpnd4nrjnyq6y4cr30a19dcvq3xa0x41hd80%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsm9zp1468xmt3jyt7dk4v5wpzwqhgk10bsjns8nfydcp42angsrtsq5sf2abvg4cxb9wbrzseqbnhr31vq644w9vhpbm32sev9nmnh7r6brd7vq8vjagb881nbh97jvr702jxpw71m9a5j2dr6ab835jt9xn98e5a0e3ekahvxdajwvpsf1h2nq74s0e2attk3s68a2epw1kbantf2f8vj327s5wp14x8575f3062fj31qygszk5mcx52rrky5n75v8q4ma617p%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCf3Qbcyb3YuuLKLmRjuwPqPOgoAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0EM3be5GUjP9xQ9Ki-PCmDYnC2ZCOTVUyRPas_4yW1fCkNGPHkIKCHbAB_7DaylTzI4C6rcuaSJcOwbosEOh-q-2M4adb4hiG3Jn9qt4sw1-syoTKZZYWSww5lX_B215Gug0dy2TfZvcmew5ztVIBZbAzyy_htkmZ5cxfAIRmQVM8vw33EZZnDVOVqZ3n9Kqt8OtA972oWbHc4RI7CshZLUhj_UCbjoMnTyujdsJLIeOlB8lKpZAgx285f_UtBuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2yC8hlCK2Gw1c_U3NfGrq9aYoymA%252526client%25253Dca-pub-2773044261387404%252526adurl%25253D&clickref=oneid9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Tdoneid__dc_reach_suite02wkz&viewref=oneidZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJoneid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-96.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
332e45bcd4c243a40af8ec861316cafe009c3c5de4366f960d4c6cc2ac92e1d0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
3_MJXCnMrjiLc9gQ4cSP2UO8QHaqI_KE
via
1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
last-modified
Tue, 24 May 2022 13:31:25 GMT
server
AmazonS3
age
74120
etag
"8e0f444d427a5cc08c98fd04087e9847"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 12 Aug 2022 07:44:46 GMT
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
52117
x-amz-cf-id
zbFaVMhvCquQFxHzZ7yZHel-L6vp2KgjI8TkQo-aqikaP1i3SRYPyA==
link.html
track.webgains.com/ Frame E740 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJoneid__dc_reach_suite02wkz&wglinkid=496305
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C19840%2C186460&b=ZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ%2CVx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQ%2Cq4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3&f=9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td%2Cm3AsefGfARbfmHZHZtQC6rQtKSwTX8AfA%2CRx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7&c=300&d=250&e=&g=8a46b0260311765c2d3f8ed8a8ffb886%2F13858795519741038375&i=22427%2C22610%2C25174&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsm9zp1468xmt3jyt7dk4v5wpzwqhgk10bsjns8nfydcp42angsrtsq5sf2abvg4cxb9wbrzseqbnhr31vq644w9vhpbm32sev9nmnh7r6brd7vq8vjagb881nbh97jvr702jxpw71m9a5j2dr6ab835jt9xn98e5a0e3ekahvxdajwvpsf1h2nq74s0e2attk3s68a2epw1kbantf2f8vj327s5wp14x8575f3062fj31qygszk5mcx52rrky5n75v8q4ma617p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCf3Qbcyb3YuuLKLmRjuwPqPOgoAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0EM3be5GUjP9xQ9Ki-PCmDYnC2ZCOTVUyRPas_4yW1fCkNGPHkIKCHbAB_7DaylTzI4C6rcuaSJcOwbosEOh-q-2M4adb4hiG3Jn9qt4sw1-syoTKZZYWSww5lX_B215Gug0dy2TfZvcmew5ztVIBZbAzyy_htkmZ5cxfAIRmQVM8vw33EZZnDVOVqZ3n9Kqt8OtA972oWbHc4RI7CshZLUhj_UCbjoMnTyujdsJLIeOlB8lKpZAgx285f_UtBuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2yC8hlCK2Gw1c_U3NfGrq9aYoymA%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.111.12 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-111-12.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
32b5ea0410bbd7fa1aef6686a84aeb567739bcd71a935ff6214d538b61353f0b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:05 GMT
last-modified
Sat, 13 Aug 2022 04:20:05 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sat, 13 Aug 2022 04:21:05 GMT
pvClk.min.js
analytics.webgains.io/ Frame 70ED 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jrp6q3kxwdn2cd0hvvgj3vzjx1nkz0c1q8vzz663wvx7t9mtdgx7ecmqb1h92ka50sdv401tytnk15cw12gw4vb1cz46zwqy8gc81gr9acz5yqwnx9xpaha8qw5vch5pjxmxk82fhxsch7nncgqsk10jph3jj565rjctfz0m5001bvm35pmsbky3rr1gf8qmm5h729yk40kdfg67hc9ft4qb1b3zxyw4311rsmdck58735axt484b25gm78jn5sv300%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kpwq7yddfagscx16xw1d6whj78a52v2eg7kwdgap1ka1xfaptq6sfrhp1x9jr3n97bxrdy7m5vvagtwdgcf42cfvsxrqr440ngkp6x7va83fgk4q0kd9wzab3hjv2h75mpxr4h6q3smsmg0vvnx2p4xmqh402qwpq1f530t5kx0nv90h1cz7me1mrny372p9wz0800n2vcf41zxt3dw468q9mcvd7eg4ca8zfxr2y7x27v1gcw37bdd29ce8x82wbvbtfzxq33t0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCG-k4cyb3Yp29J6OKjuwP9-ebyAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0FOku-TUHK3DX2YEm8-mx9qTmrtiFfWDTG8N_A71oCbsJsAovoiIx6zRQyM43b1-sLAJDh2imEbNKoh9HfH1DanrqD6LD2aSb-m-qhyt33jDDtIFH6LqJc-yTKCdWXFiTT2y5Sgcu5EWx2w7KDSsJ047cia5mHTlvUM8BiHz4zaUqhv-465msZXlyKeYkmZkD90W6Wunx88HQw25EWx38lbjDba2xTz-ZtxHaeCDjsKWSf9H-vpfSptNZd-TXQuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3O-4FTl0vnkTOD2rn2ka0NOVrIVg%252526client%25253Dca-pub-2773044261387404%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-96.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
332e45bcd4c243a40af8ec861316cafe009c3c5de4366f960d4c6cc2ac92e1d0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
3_MJXCnMrjiLc9gQ4cSP2UO8QHaqI_KE
via
1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
last-modified
Tue, 24 May 2022 13:31:25 GMT
server
AmazonS3
age
74120
etag
"8e0f444d427a5cc08c98fd04087e9847"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 12 Aug 2022 07:44:46 GMT
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
52117
x-amz-cf-id
q38sghrSRG2m7SD3CboZC59cFg6g_XzJ3g83I4gQAPyWJD45gfc3Eg==
Logo%20RGB.png
cdn.track.production.webgains.team/12607/ Frame 70ED 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/12607/Logo%20RGB.png?Expires=1660364705&Signature=A6T0xz9iQ2Eeg-RXjd3W58sOAUGfIm1uY~Y1ZkAz6n1Zbz5FoQldkpzkGLbkm32M1IoZ09~tMKFfX0Vl661Ydlu7IpiZMSMAlrAgl8CTIv-65O2P29coEjnoP4lJNw8WP6k3x1er07t2aleyRD6pwl2WbQvViUN~JbG2-fcvyeGN~8sZOBBtwSRKGW6UHcTGR8qo-wCZMEasqlE0lOfJ2BwbkmXE-M-1sm~~3jFtP0W-c98dl7y3Igd0vNjX1Jn5vVgRRVNhQ3tp4kwp2g5qomPzRFicgcLpdwD9o0xad3DUYjsgN2nhOwLaQ7-w6IMEWJztzzYmUhrgoNi5ELZ0dg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=b89ba2509de6b6582d9619804fa2377c%2F17418033345842782979&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404839&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpwq7yddfagscx16xw1d6whj78a52v2eg7kwdgap1ka1xfaptq6sfrhp1x9jr3n97bxrdy7m5vvagtwdgcf42cfvsxrqr440ngkp6x7va83fgk4q0kd9wzab3hjv2h75mpxr4h6q3smsmg0vvnx2p4xmqh402qwpq1f530t5kx0nv90h1cz7me1mrny372p9wz0800n2vcf41zxt3dw468q9mcvd7eg4ca8zfxr2y7x27v1gcw37bdd29ce8x82wbvbtfzxq33t0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCG-k4cyb3Yp29J6OKjuwP9-ebyAOQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI3NzMwNDQyNjEzODc0MDSgAcKu6N0DyAEJqQKxgIpTczaxPqgDAaoEwAFP0FOku-TUHK3DX2YEm8-mx9qTmrtiFfWDTG8N_A71oCbsJsAovoiIx6zRQyM43b1-sLAJDh2imEbNKoh9HfH1DanrqD6LD2aSb-m-qhyt33jDDtIFH6LqJc-yTKCdWXFiTT2y5Sgcu5EWx2w7KDSsJ047cia5mHTlvUM8BiHz4zaUqhv-465msZXlyKeYkmZkD90W6Wunx88HQw25EWx38lbjDba2xTz-ZtxHaeCDjsKWSf9H-vpfSptNZd-TXQuABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3O-4FTl0vnkTOD2rn2ka0NOVrIVg%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-104.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 09:41:36 GMT
server
AmazonS3
age
55762
etag
"92f323c42d6018008b4cf82e90ac9639"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
date
Fri, 12 Aug 2022 12:50:44 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
86991
x-amz-cf-id
xQlmA-xWy6bQmE5Nrh7f-rQVbnpAKMTcP8ynfGosOKmf7RvNg8UkRw==
pvClk.min.js
analytics.webgains.io/ Frame 4CC1 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247651&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kjj5f8v32eahwf3f2syzym2qfd0e05z2572tf0yex8fts0zgkv192c44w8b0zv8bew8q0ry3gwv16b5fw5vgqmykeh3m2dm232c2k05dmefvyrp775enkdpxkznbxyy01njr53dzq5127j1apew2kq4s8tfvqvffagkpjhc4n1jtsrdzvkhwgcvdyw90pzrzn5w7k0w7pb1j5jf9yxnqez81z7pf9rhknfkjme7ggbtmafhq1ptgydcbcd3j0xyftqg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hattehp7e13b9wv10613tfevqehnw6cr2nea2at4jvb6v840kr71y5rznfr4e8ay95v8yzenvsyxyxv0552zjea3kmqwakp82pc572cx5s9wap18w80pdjmeggvetpkc65e4ms8d8pnze69sfmv5m5yg9yb3yqh3eahtv9zsq108tvqcs36erx0t8002j1ej2b4p74b7ah5zwtd9fg432e57tkpamppg1gs2w4ge61aq5pysbr8wvrpdr9fx14zdgcg058x65yzg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQOn3cyb3YoeOKMWl3gO5t5-ID5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_QTiRcG5aWCmZeLTn5reNp6JJhP1k5a3JG50PAEM0Xu1qY4HQi4wdGmxx3k3mBPFGg8JamTb5MZA8bT4MMcVSRkg5qOPDsumsyuXj8056-wwaKK40cPjlmh_6czoHS99m1U3tHpMz_wy7MI2iogwG_1pehzVVc-9q0XKGYi5AGcLiRKWPDRTpzO9aFM6s09Mokn4jKyNsZG36WXDlalPRIIhzhtrpq9zvJIG0Gwklc2xz5HxOrLq1WCuccT-ewZ4AG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1qbMbNjdSXGAnlmCmoE15LKyMHHQ%252526client%25253Dca-pub-2773044261387404%252526adurl%25253D&clickref=oneidxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSAoneid__dc_reach_suite02wkz&viewref=oneidjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9oneid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-96.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
332e45bcd4c243a40af8ec861316cafe009c3c5de4366f960d4c6cc2ac92e1d0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
3_MJXCnMrjiLc9gQ4cSP2UO8QHaqI_KE
via
1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
last-modified
Tue, 24 May 2022 13:31:25 GMT
server
AmazonS3
age
74120
etag
"8e0f444d427a5cc08c98fd04087e9847"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 12 Aug 2022 07:44:46 GMT
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
52117
x-amz-cf-id
W90odScUdDch87DtfAWBpg7SKK6vSv7GNUaekYy3hE-k_uSgFG3eNg==
1592578623_bPBVJMhToPkoa1z0pzv2xErGBXVDuFOF.png
cdn.track.production.webgains.team/280795/ Frame 4CC1 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/280795/1592578623_bPBVJMhToPkoa1z0pzv2xErGBXVDuFOF.png?Expires=1660364705&Signature=VlDtyTINJo~GRfgud7HE8Ss1ps6PNmG-8AcEsWGc9RhRQeokKwqQgky-tscr7u1aAhH4gZv~QBNr8Ohbj5BGQeqSPvqM1KIWGQM9bhYTzsRydDTB1xQia3-HqsQhUzyqYsduHCHAczoHCCcPxBaKoj0mHLD4KUiT00viKUwTwBREHNN69XzUWA~mPHLGrcy~WKSQHGKgDwQi1kgjJVva8hdZ4BmuQBK56FnOE0D7Ah25V0Bgw5mtEIo2avXYdS8VZMyW0nBle9s4MbV0HGLT3~lHr3I~5c5OmC4EY5zs-zIH4Ij5OIxdQsCXpVnmls5V6BytoEQNiQg79kiepMvnng__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=300&d=250&e=&g=10ac22f0e48509716f7db06ec97913d1%2F14845218969672717723&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404867&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hattehp7e13b9wv10613tfevqehnw6cr2nea2at4jvb6v840kr71y5rznfr4e8ay95v8yzenvsyxyxv0552zjea3kmqwakp82pc572cx5s9wap18w80pdjmeggvetpkc65e4ms8d8pnze69sfmv5m5yg9yb3yqh3eahtv9zsq108tvqcs36erx0t8002j1ej2b4p74b7ah5zwtd9fg432e57tkpamppg1gs2w4ge61aq5pysbr8wvrpdr9fx14zdgcg058x65yzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQOn3cyb3YoeOKMWl3gO5t5-ID5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_QTiRcG5aWCmZeLTn5reNp6JJhP1k5a3JG50PAEM0Xu1qY4HQi4wdGmxx3k3mBPFGg8JamTb5MZA8bT4MMcVSRkg5qOPDsumsyuXj8056-wwaKK40cPjlmh_6czoHS99m1U3tHpMz_wy7MI2iogwG_1pehzVVc-9q0XKGYi5AGcLiRKWPDRTpzO9aFM6s09Mokn4jKyNsZG36WXDlalPRIIhzhtrpq9zvJIG0Gwklc2xz5HxOrLq1WCuccT-ewZ4AG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1qbMbNjdSXGAnlmCmoE15LKyMHHQ%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-104.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5d02a818edad774ea1d79f1ca4bf972a9d5f6b4dfa5c757f578145be90a0f23

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:35:55 GMT
server
AmazonS3
age
33392
etag
"53d5935187ccf0f24fb7d8441f56e04d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
date
Fri, 12 Aug 2022 23:51:58 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
5257
x-amz-cf-id
tuPgV0_HwBSemzXFJVpgNYxdcFYRTICzKMdSc0gygXnyBZnm2-MElA==
link.html
track.webgains.com/ Frame 4CC1 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneide7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1oneid__dc_reach_suite02wkz&wglinkid=2194035
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C14044%2C43784&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2CxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA&c=300&d=250&e=&g=10ac22f0e48509716f7db06ec97913d1%2F14845218969672717723&i=20597%2C25007%2C27720&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660364404867&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hattehp7e13b9wv10613tfevqehnw6cr2nea2at4jvb6v840kr71y5rznfr4e8ay95v8yzenvsyxyxv0552zjea3kmqwakp82pc572cx5s9wap18w80pdjmeggvetpkc65e4ms8d8pnze69sfmv5m5yg9yb3yqh3eahtv9zsq108tvqcs36erx0t8002j1ej2b4p74b7ah5zwtd9fg432e57tkpamppg1gs2w4ge61aq5pysbr8wvrpdr9fx14zdgcg058x65yzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQOn3cyb3YoeOKMWl3gO5t5-ID5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjc3MzA0NDI2MTM4NzQwNKABwq7o3QPIAQmpArGAilNzNrE-qAMBqgTAAU_QTiRcG5aWCmZeLTn5reNp6JJhP1k5a3JG50PAEM0Xu1qY4HQi4wdGmxx3k3mBPFGg8JamTb5MZA8bT4MMcVSRkg5qOPDsumsyuXj8056-wwaKK40cPjlmh_6czoHS99m1U3tHpMz_wy7MI2iogwG_1pehzVVc-9q0XKGYi5AGcLiRKWPDRTpzO9aFM6s09Mokn4jKyNsZG36WXDlalPRIIhzhtrpq9zvJIG0Gwklc2xz5HxOrLq1WCuccT-ewZ4AG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1qbMbNjdSXGAnlmCmoE15LKyMHHQ%2526client%253Dca-pub-2773044261387404%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.111.12 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-111-12.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:05 GMT
last-modified
Sat, 13 Aug 2022 04:20:05 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sat, 13 Aug 2022 04:21:05 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7E7A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220810&jk=2079002361840050&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 457B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?-mzz1A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 04:20:05 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220810&jk=2079002361840050&bg=!PzylPHjNAAa4hXTbmIU7ACkAdvg8WlgRIKLyyZJJXUJgryZpI5ePGCmbvaMD3bWT2xKmaS0s0uL3TgIAAABwUgAAAAFoAQcKAGI39nlmAj2of9mhFyjubuWRSZzyQfXFo9tb5Mnn9mX33xtZNFLXxgTC-7biWoJ3K-Z4o7Mgsnm-PLnEVPFCAK9SXerCsjt0_ngvPNaxYokSRwdG0PYHfpteBz7n5dXLVX7d75kCmyCuw6pUwNeTiktOtcQpoeXQ5o0iRGqyf0zXF628XMJhNxi3R8zUd6vPTROGeVUDoc-t36UY2-hNgIodTp9h1K5sCxwRzElOPxDUqbcbdXIPaFB_11JgguHtf7n4_cPMPUANwcZj4goMw81dzzuo0vRkt88KdFQDO9YTtZZdHtAAQDJRi9ddughf7-l-9p6EUmfejsBtiHqsVCNgQmlQme1gJd005YGmWUmp-YT6EYTBMyOFiqRpKSnkBQ0yVzXiOXvfHiRNe-fccmstHwl6-HG5nfbp11_FBa_-83DsAPISiLX0yhlPoXad_8IhLeVB4DOdNZxoNikISXe3vZHRVWHQCLM6ACtsEF-MtJ-_yc0rr0VC8Ait7huVum2BibC40xeiZ5wx8Za7hY5-Yyta0YRYttLAHHJXevKgKnMO9niACHogoGDJ79pUMGPHELj1kOYCxSA6Gocebc3jEDfKcSf7eRjoGefhhbSuhhh8s4J5FgRll4Y1-biyYe2HQXxjiYcLqc6AMajOaAElTm2RqxSXQQ-d7wR6fxb6GZS9pxVYWrxvuAPO9nekQJ07rsVd7f1uIPJZaXB0mxZuB7Tg5ygw3Kw-O_NGHCBIsGFNoDrE5Qll0jgZP9PZTx1miNbNi738V-ZxLQFsgbMifkZ4axXsIULRmSqmorHoUEmIshpWhMhzzWo9EzEJaAYI_bW16Jj547kd2oeNdzDrJVW7F4uADGqL98YDY3ME7EAz2eBBNpvo0K7NbI5DY0JShg3S_JxEPGuYJivk9uGUWG3Hz9-ue8WYeVUjO2W9qso-Ijv8o3mIaKrr7ni1F4KFNGXynXU6CPGKNIDOk_m_yITtRnBMJ8mzSqzESQKEEljUJsHbrTqte-UZwnq1hu4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ihealth.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
55357057
mc.yandex.com/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/55357057?wmode=0&wv-part=1&wv-hit=785944662&page-url=https%3A%2F%2Fihealth.in.ua%2F&rn=21741707&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1660364407%3Aw%3A1600x1200%3Av%3A860%3Az%3A0%3Ai%3A20220813042006%3Au%3A1660364403769444994%3Avf%3Anlzej4hetqp77kpsc2e48%3Awe%3A1%3Ast%3A1660364407&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ihealth.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:07 GMT
last-modified
Sat, 13-Aug-2022 04:20:07 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ihealth.in.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 13-Aug-2022 04:20:07 GMT
tracking-event
api.webgains.io/ Frame E740 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.8.108.133 -, , ASN (),
Reverse DNS
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Aug 2022 04:20:06 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.8.108.133 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sat, 13 Aug 2022 04:20:06 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 4CC1 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.8.108.133 -, , ASN (),
Reverse DNS
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Aug 2022 04:20:07 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.8.108.133 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sat, 13 Aug 2022 04:20:06 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 4CC1 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.8.108.133 -, , ASN (),
Reverse DNS
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Aug 2022 04:20:06 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.8.108.133 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sat, 13 Aug 2022 04:20:06 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 70ED 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.8.108.133 -, , ASN (),
Reverse DNS
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Aug 2022 04:20:06 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.8.108.133 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sat, 13 Aug 2022 04:20:06 GMT
server
nginx
55357057
mc.yandex.com/webvisor/ 		43 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/55357057?wmode=0&wv-part=1&wv-hit=785944662&page-url=https%3A%2F%2Fihealth.in.ua%2F&rn=802416074&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1660364407%3Aw%3A1600x1200%3Av%3A860%3Az%3A0%3Ai%3A20220813042006%3Au%3A1660364403769444994%3Avf%3Anlzej4hetqp77kpsc2e48%3Awe%3A1%3Ast%3A1660364407&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ihealth.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:07 GMT
last-modified
Sat, 13-Aug-2022 04:20:07 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ihealth.in.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 13-Aug-2022 04:20:07 GMT
55357057
mc.yandex.com/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/55357057?wmode=0&wv-part=2&wv-hit=785944662&page-url=https%3A%2F%2Fihealth.in.ua%2F&rn=138968398&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1660364407%3Aw%3A1600x1200%3Av%3A860%3Az%3A0%3Ai%3A20220813042007%3Au%3A1660364403769444994%3Avf%3Anlzej4hetqp77kpsc2e48%3Awe%3A1%3Ast%3A1660364407&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ihealth.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 04:20:07 GMT
last-modified
Sat, 13-Aug-2022 04:20:07 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ihealth.in.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 13-Aug-2022 04:20:07 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFc-s6sxGAQUATCIY2nfYNc&google_cver=1&google_push=AehlK4DaI62MghjDnbJZwj4mgEPT838mllIbjPvocSma742jbuM__UtazwAsNPfnwIUPtgUUGlVit12KMGa5WLuj16p0mgcVdZah4A
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFc-s6sxGAQUATCIY2nfYNc&google_cver=1&google_push=AehlK4A6rKFBmKcnoYmPC-JjKNC0e_eDOcmtLNHKSUvQC5BuRQy_KYktg3SdcEVqHS-dyipOhK9c1Rt2EOz-PN9wfBeqKYlQtnID

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation undefined| $ function| jQuery string| donovan_menu_title function| gtag object| dataLayer function| ym object| wp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData object| Ya object| yaCounter55357057 function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| google_llp object| GoogleGcLKhOms object| google_image_requests

52 Cookies

Domain/Path Name / Value
.ihealth.in.ua/ Name: _ga
Value: GA1.3.843282222.1660364402
.ihealth.in.ua/ Name: _gid
Value: GA1.3.357351320.1660364402
.ihealth.in.ua/ Name: _gat_gtag_UA_148167665_1
Value: 1
.ihealth.in.ua/ Name: _ym_uid
Value: 1660364403769444994
.ihealth.in.ua/ Name: _ym_d
Value: 1660364403
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 618592969fake
.ihealth.in.ua/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1931962962fake
.ihealth.in.ua/ Name: __gads
Value: ID=44c61cc2d4442168-22f48d7ef3cd00b8:T=1660364402:RT=1660364402:S=ALNI_MZVT6MQPvqa_YVskoD4QGAdm7ETSg
.yandex.com/ Name: yandexuid
Value: 8046520301660364402
.yandex.com/ Name: yuidss
Value: 8046520301660364402
mc.yandex.com/ Name: yabs-sid
Value: 2477420241660364402
.yandex.com/ Name: i
Value: T1hc8LVoK4n3INZDkl1muwLV2j04c/t0gflyYzqefP7P6iTxLOVmPCuuNz2AF9Pf9yE1dCdHtuZOiTgK80L+NE5McBE=
.yandex.com/ Name: ymex
Value: 1691900402.yrts.1660364402#1691900402.yrtsi.1660364402
.ihealth.in.ua/ Name: _ym_visorc
Value: w
.doubleclick.net/ Name: IDE
Value: AHWqTUlNEhYQ99nYOnywTulZ2pvT8I-9EPOpiavrNtUB9XEL2O0ktaqcX4BnHEz1BRE
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.casalemedia.com/ Name: CMID
Value: YvcmdLeqyGW8QlF8slqdIQAA
.casalemedia.com/ Name: CMPS
Value: 1112
.casalemedia.com/ Name: CMPRO
Value: 1112
.quantserve.com/ Name: d
Value: EFIBCQHsJoEA
.quantserve.com/ Name: mc
Value: 62f72674-62777-7af01-136b5
.agkn.com/ Name: ab
Value: 0001%3AhsKSOIPg7T3bWMSTwio%2FdJHLP4FLdp1t
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.casalemedia.com/ Name: CMTS
Value: 1136
.agkn.com/ Name: u
Value: C|0CEAqieL0Koni9AAAAAABAQ13AQEAAQpAAAAAAA
.addthis.com/ Name: na_tc
Value: Y
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20220813
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.addthis.com/ Name: na_id
Value: 2022081304200400017038666178
.addthis.com/ Name: uid
Value: 62f72674e3e0bc18
.addthis.com/ Name: ouid
Value: 62f726740001ded7ed9928b5f1b4b3a075fae8c953b5006c5a23
.awin1.com/ Name: awpv17927
Value: 412871|1660364405|35398070-1abf-11ed-80d0-22316432dc67
.awin1.com/ Name: awpv11671
Value: 412871|1660364405|3539a780-1abf-11ed-94b9-2265b3bf8141
.awin1.com/ Name: awpv14098
Value: 412871|1660364405|3539f5a0-1abf-11ed-94b9-2265b3bf8141
.awin1.com/ Name: awpv11354
Value: 412871|1660364405|353ab8f1-1abf-11ed-80d0-22316432dc67
.awin1.com/ Name: awpv11938
Value: 412871|1660364405|355593f0-1abf-11ed-94b9-2265b3bf8141
.awin1.com/ Name: AWSESS
Value: 367022:2542680
.congstar.de/ Name: staticentry
Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1660364405_355593f0-1abf-11ed-94b9-2265b3bf8141%22%2C%22sp%22%3A%22awin%22%7D
.zenaps.com/ Name: awpv11354
Value: 412871|1660364405|353ab8f1-1abf-11ed-80d0-22316432dc67
.zenaps.com/ Name: AWSESS
Value: 377129:2470185
.blau.de/ Name: nscT486
Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjIwMDAwMDAwMDYxNjYwMzY0NDA1dmxlYTFkZTIwMjIwODEzMDYyMDA1NzQ1NjE1MzgzNzFYMTE3NjYzVjEyMjUxMzExMDZNU21tX1NVQklEVEVTVF92aWV3MTE3NjYz
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022081306200574561538371X117663V1225131106MSmm_SUBIDTEST_view&wfid=117663
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjYwMzY0NDA1dmxlYTFkZTIwMjIwODEzMDYyMDA1NzQ1NjE1MzgzNjlYMTE3NzAzVjEyMjYxMzI3MDJNU3JlYWNoX1NVQklEVEVTVF92aWV3MTE3NzAz
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022081306200574561538369X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&affiliateId=v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjYwMzY0NDA1dmxlYTFkZTIwMjIwODEzMDYyMDA1NzQ1NjE1MzgzNjlYMTE3NzAzVjEyMjYxMzI3MDJNU
www.conrad.de/ Name: HTLP_timestamp
Value: 1660364405
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: Frk_j8P7xyi5ev8MST5kGXkBY39EjwA8aLawyQ2Mj3U-1660364405-0-ASx+YCqd7B15evuQzrCAmyR89Hq3SYlqRMMn/DcQpCQ2pLWIICw7070lKRL3gvRmTHLVJqJzCEHPx9D0/0QPayI=

6 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9728.eYm2ZtgyWGTuORB7hCBPpA0x9BAQQrlqBdZfnjrOjRQSUD16ANMyA3pq4eY7sMkXp35YwrDJO3d3Vm3D_VYKIw%2C%2C.qe-SQ_Q_NYPZczKqqNbVjxPD0xQ%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773044261387404&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.707746843~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660364402&rafmt=1&to=qs&pwprc=6907635123&psa=0&format=1200x280&url=https%3A%2F%2Fihealth.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660364402263&bpp=3&bdt=549&idt=332&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7483991097825&frm=20&pv=1&ga_vid=843282222.1660364402&ga_sid=1660364403&ga_hid=1604559089&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068816%2C31068911%2C44764001%2C21065724%2C31067825&oid=2&pvsid=2079002361840050&tmod=1203046824&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oGteQKTL49&p=https%3A//ihealth.in.ua&dtd=336
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFc-s6sxGAQUATCIY2nfYNc&google_cver=1&google_push=AehlK4DaI62MghjDnbJZwj4mgEPT838mllIbjPvocSma742jbuM__UtazwAsNPfnwIUPtgUUGlVit12KMGa5WLuj16p0mgcVdZah4A
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4AUyhCK_ijU7tOCoGKTmDCxBLfC0Q1dPzLXGVcvbqFT-d2EomDseYzbXPCRSPekMKOO4pbifBKio62IdPPAXs9V0rtTxD5K&google_gid=CAESECN3GwGq4X_ZpzXhDFBrxV8&google_cver=1
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFc-s6sxGAQUATCIY2nfYNc&google_cver=1&google_push=AehlK4A6rKFBmKcnoYmPC-JjKNC0e_eDOcmtLNHKSUvQC5BuRQy_KYktg3SdcEVqHS-dyipOhK9c1Rt2EOz-PN9wfBeqKYlQtnID
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4BdRNRUshD7EmC3-O73NLDUpoBuEDrtANEdVgV-49SjYRzLvwDAC-xJYCeqH23KfVD7oi7UIsYvLiLcure_iiS6X4Nscvi0zw&google_gid=CAESECN3GwGq4X_ZpzXhDFBrxV8&google_cver=1
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad4m.at
ads.eu.criteo.com
adservice.google.com
adservice.google.de
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
cat.nl.eu.criteo.com
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
d.agkn.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
ihealth.in.ua
image6.pubmatic.com
mc.yandex.com
mc.yandex.ru
odr.mookie1.com
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pix.eu.criteo.net
pixel.rubiconproject.com
prod-rtb.ad4mat.net
rtb.nl.eu.criteo.com
rtb.openx.net
secure-gl.imrworldwide.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.criteo.net
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
www.zenaps.com
googlecm.hit.gemius.pl
104.111.215.191
104.18.19.126
104.96.132.42
142.250.185.134
142.250.185.66
142.250.186.162
148.251.139.77
178.250.0.139
178.250.2.148
178.250.2.150
18.133.111.12
18.195.201.66
18.66.139.104
18.66.97.96
185.64.190.78
2600:1901:0:76b9::
2600:9000:223c:c400:1e:a43d:b640:93a1
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2606:4700::6811:180e
2606:4700::6812:7f05
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:800::2008
2a00:1450:4001:801::2002
2a00:1450:4001:806::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2004
2a00:1450:4001:812::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a02:2638:1::2
2a02:2638:1::4
2a02:2638::3
2a02:6b8::1:119
2a06:98c1:3120::3
3.8.108.133
34.98.67.61
35.227.252.103
35.244.174.68
46.4.41.145
69.173.144.139
78.46.85.162
84.200.5.215
00c71abef781583241b6ff6df83c3e4f84267becf1df03c3a8bf712e14b4f0a0
0614b9e015b9a646c5bb4099edb68390666b12c572a6b4712681be7d4bb9bfe4
08dcdc6d2ae017d80612fbfa409077145f8e1dccabc5f2c66363eb6976b38b05
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09809bd2b2151041eb336b4faf503af032d1519d8bcc80b80b869fc8c9db884d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
115c5e4c3a816cdafb1c8c566ef8316174b44fd6735cfd26febcc6f581c2ca59
12d6f2cc08c97c56eed865540784456fab04f1511531765d785585a7b90093f1
12ea93bb770d55efca925b65c8cfabd5c60364fcb11bc86946c3f106bb0701fc
13d27285c6af3bbb9792dd6a45798931e9642e381eee4cf830a1c02f984b34fa
157ef37ed7772c01e72d9be63b260d7ec1e2ecdac5e1609c6567e49f31aa052d
16b8f08fb7e7a3896bfed2243632919fcf549e724845e93d73c85303dbf386aa
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e07e42ab2a0857b289ccc5b1b92dc3546dc59b4c005594709591011eaaeede1
1ef564b89fc8b8baa6609f30535c85a5f7e793f16879169cbf7a8987fd85405d
1fa16b01e976d07660ebbecb42fa90fe390d9560e32e65832aa2873b4988ba12
20d05908ab184af669014c38ac2d1c3e495eefe4e2ecef99943e08790ed25e80
22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
299a9297e09cb8687b3100cdcefabf0f68141b893e8c7803760016b5ff3518ba
2bcef052d0d99b56c7a9b9b0ce076ca020219e6ecccad2b46b0267ffc2fc8bc8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2fa8d3f15f6276e75aa726101254e8ad75c6e0637a576f0f864f1552232c19cf
32b5de8292ae103abbee25b0067fe44f62cd019d000a8f627a1bd4c28dd0f769
32b5ea0410bbd7fa1aef6686a84aeb567739bcd71a935ff6214d538b61353f0b
332e45bcd4c243a40af8ec861316cafe009c3c5de4366f960d4c6cc2ac92e1d0
3368716471f5141dc5e9985d22080be939d35e2938d251c524c9917a1431ecfc
33f883b10505b0751de0b7babbd81632fe3cacbdd218487fe94be2eefa422c6a
3aaa08d1c1434c3dd80f3ae7b73884fd1570ddc777b9bc2beaeeb1648373cffd
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
45b4df3791f15848f459acfcdb947c967d32a2ab208189ad19236126e23a8637
46b98a3787c3de05a63a522c71300ef713f78660098ae524fda5e19bb8567a83
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
4c7f7718e32f02dd00533f7f87feae91e37e68b9e7df0bda0e62cba8441d1972
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b1681187e40a427b63d946aedea55574d0b5c556b6999a35c45fc51c5df9f2
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5824abe5e6797e9e854bd4a4abd07eba0a486d4f90fedae12a26cbb0bac90800
58b31ff84a6db56a3957b39b98391934c10d4d4b9b72b3e2705987606f7fb2c2
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5f5654d3095dcc7a871f7d4c1355b2c9eea3eb0d8f72f87e65b0cf51961aefd6
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65510378ed1ad5f6f90e3e21d2dacebd6e9fc76b83b04ff1f99fffe17c9f8c25
6a5dd34daf95446ad7e7f0dc8b6d841c3b6252e0bf159b4e89a1db52724ad122
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c41abf48a8581bcd32e405362a33314a292e3451de22e60d6af81cd05bc5a63
6e13ce001a26d03b47aa956bddc5578a450e7c3b6dcf57b7c6ce8ac286289c58
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9
7182d26ebe548a3ba9096276f88d1193dc10f810ce3e84c26d3d8f3ad4aa67be
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7279466e27575aecb1113cb2637b591b9c3e8947f4ffd8315301258672e99abc
74279e52f5d422bca003b744bc0d1483f793e41e483c23c7970b25e56a22080a
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
766adc31a815c2b017d5b2178598849e8aa3757077c157e1b7385de3f11f7757
785a1a1fe994337ff18a08d6e32d37111fb6cc09e0938db1672957e4d2e76fae
7abd4da7a7ac545d5e633d3b3bbedca5abf0393e9c4bc16cfcc1eb967a4bdbea
7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd
802c17d130f18df30a94c9877f2ce91c220b1afbb5295bfa7462d5e83503fd21
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
83b511683d2e99d307573bfde66698419e177225ea60e58b4273d37cbc3a5a76
89247e6d06195c3a5fc563ffe3f508fd304ef591c6453eafa907128d070f05f3
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e
8d09d5a9582de918088480a85361d934e8c35f13d4449df2d233f80af4977a0a
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8e82ac1ec5acf59251e8560b62ba41630b890325a9ecfc16f17418c16ae9871d
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
92ea73bf1dfdbbac475dc32ecbe4e247b1a5fad35a9e934f037868281e7b6712
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad
a690357c8d157ad2a9f188ecdad238c37efbd7508124554e8b7ddf2986cb0188
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ad8c30ae028238d5613d4b2509165d50c6064ef861ffdfc42055a3a7d4dfefc0
b1caf079743384c7ff33b5da5b688e6c766b81716f2f654494c61df115bc1344
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c40ffd5d2151a521c3e2de238f4b3181a059903d477fd1c4fd67de7caeae1796
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
d31de3c6c789f0c7c72cf09f38bfc1706e8852313697faadeba83e579b88c527
d4f618b9e0091199bbfd4c088ebd6c42133b777fd94ac324bfea268372e26e7a
d5d02a818edad774ea1d79f1ca4bf972a9d5f6b4dfa5c757f578145be90a0f23
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
dccdcd2d92d7d06d1b8ead3251fb225d84c727fe9000a2f4330e1c392ae3e655
de09365c5a1290ab8b69797e3d02ef5b995c4bc684706e75ab72a8fe27e1c2ca
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
df17149b11991597922f36bc5d3f7c67a633b896989f23cb64cff6da4c663051
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e26f3bb09473dea2b262c9a2fb61805e9d65b59cb5cd38bdc18641f3ae817ee7
e29ffeda170cb0752b062928f22de04adc1c9177706f50b9c6a9c96dc706bf61
e3539d3eee69eebe924850b7e253e0d255b519d795d58cbdc2409faed2a59112
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138
e56c982172da812fb52e423cad1bfa5e4c5bd296c615dede2934da6ca00972f5
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b
ecd15390328a8a93b9ab92cff79b055582746c296d23a98f13427346b4f2a207
ee15481250f79d7a3d2669f1b282b78aac946d1ea24e088a064613d70c1ece1e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efcfa8a170f166a74f9e9d7b8caf13b225a4326283e2a5da9e920679fa410e27
f359ce241c87d02ff076f9162c0b4b3467c56255517018a2930941de7ad09e34
f4531e95b5c4518f080bfac3f44df5c132080c8f2d1c935c4eab05dad6863214
f52afbdc9b50ea83386ec3f01d5b7f960c612515f6904541b370334f8d9676c0
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75a001bec4bdf424466cdc150b0aac769554195c5bf3105cd369a9861aa7103
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f87cef5da83abce79c618bb876e2a71298c7f78e612aee83c45c06d2ac89edfd
fb8d3c65e9530140a542310a506cbdae7aa0745883b90b451bdae70773f83be9
fb994c518da6741a1228684d63d6876c9228de2e3dd3e7d41a79ccc646f42116
fb99807d9c2d9b98d417acd2a3e897a28cc0829d4815642cb9bd1ab640b98454
fc7b2628957455c52c627d02e6ee23b39d925d7c66b424e66917db939b7b8693
ffebd1dd0cd478670124588b2d93b724fde70db13e6795988c018c42692a778c